Prohlížeč plný reklam a vys. oken

[petal219]

Dobrý den mám problém,
prohlížeč je zanesen reklamami a nežádoucími vyskakovacími okny, pomozte mi prosím. A pokud možno mi sdělte z jakých programů ono nežádoucí svinstvo pochází děkuji předem.
RSIT log:Logfile of random's system information tool 1.10 (written by random/random)
Run by Matouskovi at 2015-02-15 12:55:25
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 7 GB (4%) free of 172 GB
Total RAM: 4030 MB (14% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:55:39, on 15.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyWow64.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Matouskovi.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID= ... om%2F&OSP=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: 71c6c330e74701318a6f0adb73eaa5ae0060804 - {11111111-1111-1111-1111-110611081104} - C:\Program Files (x86)\Radio Canyon\Radio Canyon-bho.dll
O2 - BHO: 166090e0f32601317e4e5118752c52d60061752 - {11111111-1111-1111-1111-110611171152} - C:\Program Files (x86)\Internet Speed Checker\Internet Speed Checker-bho.dll
O2 - BHO: TperfeectcoUpon - {14c33b96-8815-4889-ac5a-c8e22abc8fbd} - C:\ProgramData\TperfeectcoUpon\f8NjudZJR9w5Wn.dll
O2 - BHO: SaverAddon - {19766f37-672d-4037-b893-7b3d120febb9} - C:\ProgramData\SaverAddon\JFYEfkrFdqbdZB.dll
O2 - BHO: FFLExibleSShOuPpere - {2c069121-6399-4df6-a468-915a295e5b6f} - C:\Program Files (x86)\FFLExibleSShOuPpere\G2Cu0uNzY1ad1c.dll
O2 - BHO: (no name) - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - (no file)
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Linkey - {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} - C:\Users\ESTERK~1\AppData\Local\Linkey\IEEXTE~1\iedll.dll
O2 - BHO: FineeDealSOffti - {50d8d9ec-a74b-4a3b-8c6b-7ed89d624aa2} - C:\ProgramData\FineeDealSOffti\887gkK92O1wEly.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ttoopdeal - {9a3c7949-e4de-4883-b8d4-4ea0f4c070b4} - C:\Program Files (x86)\ttoopdeal\89wejFNZEkUUK5.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: AppptoUo - {b3af377a-3d15-4510-8f78-59a13ed712de} - C:\ProgramData\AppptoUo\qkpaWlixFhdUvR.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll
O2 - BHO: savinshhop - {f1f7024a-77b2-4c52-9c3d-0144c7944261} - C:\Program Files (x86)\savinshhop\VRnibiJVLvRAmb.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [Sound Blaster Tactic3D Control Panel] "C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe" /r
O4 - HKCU\..\Run: [TornTv Downloader] C:\Users\Matouskovi\AppData\Roaming\TornTV.com\Torntv Downloader.exe /c=startup
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [SpyEmergency] "C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe"
O4 - HKUS\S-1-5-21-1528716315-3860698994-2152196103-1003\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent (User 'EsterkaPú')
O4 - HKUS\S-1-5-21-1528716315-3860698994-2152196103-1003\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" (User 'EsterkaPú')
O4 - HKUS\S-1-5-21-1528716315-3860698994-2152196103-1003\..\Run: [Steam] "D:\Program Files (x86)\Steam\Steam.exe" -silent (User 'EsterkaPú')
O4 - HKUS\S-1-5-21-1528716315-3860698994-2152196103-1003\..\Run: [cz.seznam.software.szndesktop] "C:\Users\EsterkaPú\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q (User 'EsterkaPú')
O4 - HKUS\S-1-5-21-1528716315-3860698994-2152196103-1003\..\Run: [cz.seznam.software.autoupdate] "C:\Users\EsterkaPú\AppData\Roaming\Seznam.cz\szninstall.exe" -c (User 'EsterkaPú')
O4 - HKUS\S-1-5-21-1528716315-3860698994-2152196103-1003\..\Run: [DAEMON Tools Lite] "D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun (User 'EsterkaPú')
O4 - HKUS\S-1-5-21-1528716315-3860698994-2152196103-1003\..\Run: [Pokki] C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform (User 'EsterkaPú')
O4 - HKUS\S-1-5-21-1528716315-3860698994-2152196103-1003\..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent (User 'EsterkaPú')
O4 - HKUS\S-1-5-21-1528716315-3860698994-2152196103-1003\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'EsterkaPú')
O4 - HKUS\S-1-5-21-1528716315-3860698994-2152196103-1006\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1528716315-3860698994-2152196103-1006\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: TornTvDownloader.lnk = Matouskovi\AppData\Roaming\TornTV.com\TornTV Downloader.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE9_32.exe
O9 - Extra 'Tools' menuitem: Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE9_32.exe
O9 - Extra button: (no name) - {64964764-1101-4bbd-8891-B56B1A53B9B3} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.co ... 5.11.0.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\users\esterk~1\appdata\local\linkey\ieexte~1\iedll.dll c:\progra~3\intere~1\intere~1.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESL Wire Helper Service (EslWireHelper) - Unknown owner - C:\Program Files\EslWire\service\WireHelperSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - Unknown owner - D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (file missing)
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IePlugin Services (IePluginServices) - Unknown owner - C:\ProgramData\IePluginServices\PluginService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: SmdmF Service (SmdmFService) - Unknown owner - C:\Program Files (x86)\Settings Manager\smdmf\SmdmFService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spy Emergency Engine Service (SpyEmrgSrv) - NETGATE Technologies s.r.o. - C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15372 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\rundll32.exe" "c:\progra~3\intere~1\InterenetOptimizerSvc.dll",service
"C:\Windows\system32\rundll32.exe" "c:\progra~3\intere~1\InterenetOptimizerSvc.dll",service
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe"
"C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL mmsys.cpl
"C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2504
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
taskeng.exe {99A31920-1DEB-4AD4-9387-92A7DC0B9040}
"C:\Windows\system32\Dwm.exe"
taskhost.exe USER
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Internet Speed Checker\bbac79df-f3bf-4ebc-98c7-8c8e65597d04-6.exe" /rawdata=TpJk1pDDi3/YlSjbXkp9obqQVhdfqEHaW17tdaJNQJwSSFQIvlVhv3g8kNX50rW74lNAVyAEGXL20gscQUl+P7sH1gH/KE+d3KCcpJh8Dvew85K28xLGygPRRJYapsAZ/gKtIKLd+NP5Q7zWbc+cl6CCTRKd1EMq6f79MxcOHYV5ugU1/wweBfWNlnxxLFXlrdW3swd7JnhJZv05rvnBbZMcJ3TD5ikyoul729IDA0GfHaC26z5MTZ7HFQ7EgZMXm1V+Q9Y97V8uRgn5J2Ye3dthtOEDMWSGQxCz7mqgmdsHh0vtAFtRxZrM4X/j1nmsVpE/etnBSyqifuBiP4aWpq3EtY7/WcBkd4dgBXkz2sUVsGziZrR6Y/zkfWVMI7aEIBNuIAy+HzO5ZcDIoKaWUsUHIXYpkLDWEPMkgUaQ/NFm9NR6hKDhl+BgDHXi6WAP9Wy5FnOzyomKDRHDTLbHAN688BKZvRqraK/k070sj5w/hzKoL3efyu3/7tUYnEVleg33aBFoNYZHLwRMstHFeamK5XWg9NP0hqESfvPjT3Eb+pv/LyhB4tNTcU3EmexleKZVfeCAz7/OF+5sE/5WVahQMohKjX5Lt+6PwrQpu6AlpToylGYqGDZ004rGS1eTaMtzW6hdXnL/ZdUdijEz+i71hK+qYU7PXhgBiBJvJDeknnObL+wT8H5NBuMiEqXc3dVmz7iePspD5/SVbI1GwQOcU1OHV3xASxrm5kozyTFwv9P9ZJFKpv7bJYqF+vRfaJ1LASGFG1/FCkvXeEofCu62rRnkorwfG081qUOWG9jxc7UIPoYi47fF/cZWTvWhL7G4HQacm6/4/D523q6p5rOMPBc9i4pjZVLvj+1sk/8FPT7SfVwz2Dr03gotQOAg4Zkk/XcCVNVabDbwpDo8OH3AEnJAywnyCdL0ZtS3GZJft5S23GcFFGCrQ16GvKq7qTjbNMZE9hFT1ZjzCwj7BkMiDtI3h+zWpc3wBt6H2jFwUlWMoLsmBbQPSfk4f+dRrCrpJLvJGSWGAhia0vSNDYp9I3n8jPuax+sOi4jTK9NpjNI+HEN4OXhHQCgZoVdYKGiz1fvH1Rbmy+r8HjdQAUwp61jitD0LhS0ZtPJxDpx+bwQoiMI+5KoZCnA0a+fxngk+QHo/1SwkOhLDxOo5Cv3PYVaSeSkSq0co6PtlKSe4dE9p6OxfkUZXJ1CykJDsbqY+5uorCZwZXy2Vz3s4XG3OEOCb9PS3jNqL/edzvuU7rnOMcoU4Y8YWMiBe1h8j4jPrPcRXduYe1E0DGSfVmuUBq2nOr4EUsv56cjTTqVuqXEclPkzwSUR6Uz0SEmN/tD80RsRrpO+ya+eLNWgaoZUeSlVFYackEZZo06a3zptIoDmfD53Sp7a5Hkz5j5zSveJOpCuznv5D2hRzMg1h3f0Kv/GE0ydXS+x03yoZuZEQkf6NRgGwcYtGBtLFk3FhnaQYMfKNqPmtDGhr01dq1Yc9JvmRWcrKwMr57tdSvVyjNDa8L6/j4SRL+8JKEnKRTo+WrA5I6ebvM1A1LQpAhbnLIdi92N6iAhMw/1s3P6mV1TC85uosqOq1Z3fIJyw5k3J6nXDQIdbN2SEYlCUDcvgdEZPWwoToyzLWsjTS8A5ax731S+uclgEB5SYp0j4/PQOXBxqxgIvDaLn9SbIGPqZ9hpJynZxFcQ+Qa2xZtBtdNITQeqORmGsFO+97V5DG8Ziux60oaquXDayzDJVWwKvbnAFJsepIXj22Bra+6q+YD1+6uQ+3UCRsPC8ow3qGfEhuhBNiow8VTQsuCIDaL4SLVocQhl1AM23SJl5hv9eR1h0KvBtF+SXalRGt4oZLkORUD6pT07IGx1GDhi35lyYaFjMg1ZX5FisEkrLOxjKZ2bf5niMT0Gj6JqMZF4JnVcDabCEJVCW325EoSa/r8bpUcPVuLaLT6qO/k0qRacgsyli1JIsfBzAVTUceBJERJ9X6D9D8l14/WBKZSX7oNd5I40skVpGmduH00M0JmNF52bRsnHBnpAzm0bwrtt4DLOl+0EHnuUzqREDnyliPmNyR0FplLoNxw7cE1ZyomLQ0VHnG81/plnfMcBQ1p6X1H7JbuYiURqtwBK7bnEGq+XIjVvBeHmB+4mhcBaZM/PQ8ZmgnrKhJ1Tee5VYgqVHbpWBuDXUQLmGuNqpnPGXtYfgtePS46moJuZXP/xBj2Hddq4tqWT6lRHIAklewYfLV8IixdeuTYAJnVbz1/tSTb/hAaDVNUemj4nlzx685bQrYJ8I3uKPHs1zK7izpC95vHQut/er1EbFZX2wJZIM/PgRLolyi/2AZ3Z4/YGYYTxbJqjtCFBJv2WIXhfmG5iqo+kROG+OwrCnaQRp+jqwJulZ1Da/I5gjnv/oLN11ksmgtTI9uHwNAuADc797N89Gh5FiuFb4suqqcXfMw5TwIllu2iTm2K9gDc151EQjP1HBimkR26JYJBT/egLmPHdLcS6PLJgc6MWzZ/G7EaA7nx+JTgGMUekOxYDmQKVYqKI1KJ42Zx545MkJ8cSPHgfxv
"C:\Program Files (x86)\Radio Canyon\307579cc-108b-4551-9f7f-cbd042fabf42-6.exe" /rawdata=JNn8sGm9uH4NNDPVzNSHm+kixuwX8jHYVpDCt+qfBsPuWezqQpQHejBUbFQ0CKVSfCzgIa1BEr4LRM7XML0K+sQA4ZxnCKRxTPKgoAk5hadH3YzWRiBP5I6MM98NMDf7/I21rpF60G+xP0EvZ0FWdkjUkFZHbwUufNgbLGrTdg4maxmOQBxdTIQUpT4lTh3fKJW9LsONJNf/zhtqpyRJmyT+yBrVx75GMWrd2PzN8Ud9HvAbr86qjEQsQfGUouhB5G9h4MxCbcqETeEZQ3cOStL0Noc4gD/zLkTKG+MZbQSoBRMVOiCxlxN/OvyqDleZXOP6Z/sHW3hZlCTlpv/OshRdtBicrA4/+sEqIwFyrytNcFti836YlFCEIOXNAOvxjz8GM5XFZ8GExK1Qfi100Pb1hKapvbFbPbn08rhJFPbEDlyvTDYluyFn8jraad9znsAX4LEwxC+ZniQMrjQOQRCC4AFgove7pEGXEoLqBuepVN3JSbowF2ebGABZ9Z4mDrzA9t3wlUn12HL+ZDre+o/KxFiEB1gfzhYNzbkNIIR3xK12sWnhu7YfPxrOHPKwMyPAJkai/MGgzNh6asFMfA+wu4XSLhRTMyzYyToQYIwIDeiIn7BXXCuvTvjXZW8lWsler2M1/7T025xKKxDK1T5DQps++eLx1qwkfdT390EQncTgVUrQEcuS7PDZ2kyWqbeVuZVx6pjIekuuDmGjLg1NCRNWZXqH05iiASSu5qmAlVapFskjyG/uAwLJwusuki0mx8DalNvq3OXDkHcV18YJnhirzIFEP3Gv9qHi7rz6q++iNSmr47RKYmgLu7ecQLlIApmrfnEQe5jtLsvCLA4CqTykFI7YlzrVbCrjoKdGqANTW9qedy7ISLgQS8CX26fKUpY5yP2Q1zAusoXMzFJBFZ1FHXJy5IQdcdRptClzS30nU/gbfoLtUMik3B+IQ9Gwk3xqpTziOdvdstpfwF86gmYS8cG48+wjcMrxyJRVNUKrX8NWyUSeLgoC0ZR2OkgXG2T99I6BGH/qVNMPheUx/LY3L3HrJQuKRhstszIySjCoGhRUYr8X3gO8NYl4h14ePWW+Fe3YxqxgJ89Tv85ITNedYaEkLE/Weh5z6GtPCVYLlkg4f5neHdXWfSkzyA/MFxM6g7Sdbc9DCxMWluUMwRPgRd9bYJhbwLR7l6a7zPEQKAXNge99rlx+uK/D/hTHzp20Ba+VbLpTexFtKiVwkka4nZqDAaIWI3vBhZMNF5AQv+r+Q39PFzwrn7JsH2xlKKL+RGGGAxYbFdHokZlIcltQz61xqxG5PsoMo9AH9BbKQjroLWz4rQmUvuF1vr6j/SG3JXAURQQ5buKQNgFUxnb0Qvo/QlfKQFatb+iDJ9bXSV5WtLx5R3RA3uodlXlYw/K9N8BHlxqEmn+LmQDj6kSKssbUy+ABeukN94V9NzlR47/DGdtMFYPqZnQOk7Ui5TZatiTWYm0aI/6/rMrI7YXoczUxUucvPgGBMnF4WoDBf+uV++H3pxum3G7tU+yihc2B6NHuD/1Sy3GwY6SFScvfOWdL37Afum50S0FS+CuXCEWJRim33Mu5qNkOgneBdZyxW3VXuU8WREpcW0RTFg9XgmVNDByXtMfgKFrTDLu1UMEl2cYh9y0iFd7FzA90tezJLf6qeLo2iLTUPENV43WJet6f7n2v6sFoZ7CqgDC2Myr1ZdYqejj93F1qHe/44QuD09yIxQrWdUAxH/9OY62GSBZ6V9wXMizkxlI+2f6vrsJ23n3x5+s6EBQ1qDOWmaOCSvbqtprlc9rOt733ofFZxk35uMcFOS8gLVOGxpz6qLO1omhwInJYmJzDyTSzt8zD0hkvlnRv5nAFjw==
"C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe"
"C:\Program Files\Classic Shell\ClassicStartMenu.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
"C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
"D:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
szndesktop.exe default start
"C:\Users\EsterkaPú\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "1939768837-271846909-19001880001998235223-849775909-643822203-1371851859-1662263585
"C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe" /r
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "13101401781594872229-161987396470795086355454884-1978665398896734291-1323964320
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"D:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "D:\Program Files (x86)\Steam\config\htmlcache" -cookiepath "D:\Program Files (x86)\Steam\config\cookies" -steampid 3800 --blacklist-accelerated-compositing --process-per-tab --disable-accelerated-video-decode --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3840.0.81491915\1892320675" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,17,38,46 --gpu-vendor-id=0x10de --gpu-device-id=0x11c0 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3523 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/None/NewProfileManagement/Enabled/PasswordGeneration/Disabled/Prerender/PrerenderMulti/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Enabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_86/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3840.2.1956315291\884438187" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3840.10.1169360821\1126298508" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/None/NewProfileManagement/Enabled/PasswordGeneration/Disabled/Prerender/PrerenderMulti/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Enabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_86/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3840.17.1291896134\1907919682" /prefetch:673131151
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe"
"C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version9\TeamViewer9_Logfile.log
"C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version9\TeamViewer9_Logfile.log
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/None/NewProfileManagement/Enabled/PasswordGeneration/Disabled/Prerender/PrerenderMulti/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Enabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_86/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3840.22.1044524961\1485619130" /prefetch:673131151
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe

"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Classic Shell\ClassicStartMenu.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
taskeng.exe {05AB1DC8-7154-41F6-8860-357757DE58D8}
"C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe"
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe"
"C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version9\TeamViewer9_Logfile.log
"C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version9\TeamViewer9_Logfile.log
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyWow64.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="7236.0.1801545879\829925851" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,17,38,46 --gpu-vendor-id=0x10de --gpu-device-id=0x11c0 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3523 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Control/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Bootstrap/NewProfileManagement/Enabled/PasswordGeneration/Enabled/Prerender/PrerenderEnabled/RememberCertificateErrorDecisions/OneDay/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Enabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_81/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="7236.2.1361788346\1438561450" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Control/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Bootstrap/NewProfileManagement/Enabled/PasswordGeneration/Enabled/Prerender/PrerenderEnabled/RememberCertificateErrorDecisions/OneDay/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Enabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_81/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="7236.3.498049779\1168291404" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Control/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Bootstrap/NewProfileManagement/Enabled/PasswordGeneration/Enabled/Prerender/PrerenderEnabled/RememberCertificateErrorDecisions/OneDay/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Enabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_81/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="7236.4.146380297\956750085" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="7236.7.1455674759\343450826" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Control/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Bootstrap/NewProfileManagement/Enabled/PasswordGeneration/Enabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RememberCertificateErrorDecisions/OneDay/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Enabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_81/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="7236.9.588316000\752592473" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Matouskovi\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\307579cc-108b-4551-9f7f-cbd042fabf42-1.job - C:\Program Files (x86)\Radio Canyon\Radio Canyon-codedownloader.exe /rawdata=sK8KWm4pOL049y0SKDryDyklQgvuTNgBr7EbKym5FT1deOI9ddpcnacuj1iD+pslpp2zLVO1HBVBlUwUtAzzPxc3CYWXGAc7TG7dBWBt5j7fam1nt6GYBpSqpqeZQnCXgKQUQk06+Z6GzYl/araXH1j6fpE0K3DrI2TTYG/qvhO4c1yGp6Yy2wO9hDDb1m1dlZk7TfYP6TbeXLcU35JZGM5D+7r9Y1X85NvWgyQn/sVUs7UbOhaiBFnHMKU4xjMyv9JlFZIAJwKX4q8h+KX7msAW+t51my+vlaY9EdlqweEbfPIa8ogv9B20a2+Mo3rSTWnuXMF9AEqT2H7dAmFpLFlxUEEQadYpJ5gdiHJ8iOQmNDAlPt5uxnvTDXYAOasD/Oy5G5iVjxW+FsgEtjUkOxxXsS9GJdRB6p+BCYqAJG2porYicgmfSNT8an3M877dCLpqSQEXwqqweOv3FrRxQ8onSCOSQB1HcM/4OXo9BrmdahBV3BQK16XwFIfNqHGSFedjht070pI5loyjiMc0NZ9O8Lje49MDNKNNBwrAeP8l7UXzAYUlagyzh6iXy8auqqYbbgQtq+SrMs8KsYh9YxiyzawU27D7hyFjr2ECOhXExMRfcHW24BP3J3ovhaWqd6jsvRuCE6EB/tw8xtdQubUq1r+nll+uj729Qt4oe79MueONs7C7SPR6CfHKxdWCMtu3eiMTpTWYn5JQ517dfeO2nGnVhjTU/AM+5YNEuKKf5DurY8He5pzd7Rhtanib6XB5d/dFDfc56Luo+81cKYTfS3aAtodjNdT+jm3wYC8WoSpMlGTEHKDpYW0ELITJW2rWOchfOqk+d1gmF/ClfAYiUNnvz5oyWDzWtAsskVetk8zEKA+NyvZpIqNzbyZB1F5IhYlnML3NeZU3RHrYyL0me3Ue1rvSH80Uk6YbYJuvtVJXI0wyzNkoNJxFyrkpkN77BJ+h1NuLwipdHNwgjnf/H4oCrW9ohYn399+S5o2TmIO0XucKaiJwrD0b+r69knUrlJhw2mVng3keNRnInwYe3PEA9ZcmI3Z/k/cF5rBiHG1QPIgf7Kyl1cInaiHU/QN8XfVrKKr3O7hYhaCJXTeuCvb6u01lEsjN3fdlT1JFV0QvQ3gcUpz1Mu0WVSAIBqA8fyAfZ3rqbtxuT49ZJTXZDdBDjv0ABWUwl4hr/+Mxyemq4dO+WHlLItK6oa7R5peTQW8H9oNmmTSCU/efUFiWnx1YikMLxfuPFNcwKcUsc9I7pThTAqBfEjhu6NauXLlZPeH6UgRwuxdG44lbycV55FeKidz3DKVTJA2/Tyy42ADf5/KVBlQ7z/CvEpuUzaM6IVmiS/QFETpo6OXVZFC1Wdq0qc5crY+ZS7ynsKnJArpblqqYUI53Z0RWUzYkjpNOtMlqysK7z0p/EUukVK97rFMwCAsc2L8v8TAYMMwElbqetba4ogFPcB7SJdRV8K04IMClu3ytQ32Nci4V+QX/Ns4OFW1neXSupzrptb+0GiaGbsktZQUIvXWOyy7Y
C:\Windows\tasks\307579cc-108b-4551-9f7f-cbd042fabf42-11.job - C:\Program Files (x86)\Radio Canyon\307579cc-108b-4551-9f7f-cbd042fabf42-11.exe /rawdata=Na0ZjyfdiCImUzvj2k5oprs3wdVIe1DQhbMtccQd2hbafBD+dO0TrqES7NEQ+WALJPCjD5Gxp1USbe0vkQQmQtRno839JZ0+FTtWBHjMsYScfGydFQaRwgiUK35yjKvyQMuZzd3ZG8NXe4A4dCUvsVV5ezeDS4w90HBol0o7aqWyf3keTIBc8TSFsyIcBQl6wGru0Se4ZGpscycm6S3ii5jvGXyYBvMe4/l6bQc5K1zrZwQQckjqDyznbNlV8Iz0UURMBnlWvuhfLxgYN3txRiqOvLDCNW2/+ME5EqNJRKpA5QLzFNZA1ZMg54srTc3Hy9HvEMnHBliTDCHqBcNf9yM4etNTzBAsVtj94R7fAWTStX9JJTZZ0W/4p3wfxmag1dG+00Mun6sJ2U9lJutMY7izwAueSSTUW1WTCTFpAJCK6qCRGk5hG262A1Ij/270Kp5wKid5h+04pKjsoE8tvYuFNbJizNna12aNuGM+XpJn9z6K9Nfa6rXYYkG7sVUCFotfSVzh46DYOkYhxVEJy2CcF7Ju37bdQMc4LW90XaITaQadZLWTIZbFZ9VLZD9WvZkIZpHPuC4223qyC6YLAVXu2EoGjIPr80YD83piJuyq3YtLAXYnQ6x7CGo8mPBt7J9fvfaoEdCMC6YD3ngVZuT1lDN7+Oy3NGuB0Z8gR0oq3LhIpl5HcvrgKIVMkEmqkrKETgLzrxM1bK5Cuo3tfYW3/Sb1/5i0+fThGy+JFd59zeWZs7R+s15whLe9kCkCDPvuloET47zdmT/I7ULFfn7X2YOr7W5dKFhKDYMohcEPzPP9C69dl9EFMPSZVg2AVcx6kNh186WMZw32gib7NaN5qmAIjM8fZocXff3ibmAd7VXaBvxbRCmG/SWqdz2A3TiJAIcWdBz0jSc4wfZnUYilF3sdrHCUUTcAbdwwpS8RvdpLjeAACpLpAteCfjJ03eGCS0wTYfXJtIpxGefL+1fw/mHenRT/Fm16VIR2ZVfLMValgkXom/UhETWecP7qiAIo/v1pcH0hu9ml6cwfrXbmt85f9vrmUu7MrsIYZxFWKWAT8eyYCTZIn5mtH6mhV9aX2MfDxcJV+QYpyRWL8JtCyTMosT7MQdcdyaDSb9x4AiqGdI3eYbYsfveUOM8rkfVpJJhxsam2ukpif9knyP7yFljK8sgzGGo55DzajVREQ/GUIYWgRVGW9hoo1h+olv+qYYqcCOefwyAlX7iFhpbOCBuODG4o7wEoTxzS/ncZ6II/q7D8yFtvt8FvFizv2pskgGiPQAzXuLA52TONCCj/7bryKGHGtPrfTYS4sT/kVXLpmb36Tt3IYmAsABKPCW/oPFaYNqy7SCtvizeUGF25uVfB1jMWJdHLfY1uz35aYyuh4uZrDvCkYJelMthgnD93ocAGll51f0+I5pUv4P31e+RBEkuvRXUZd/EBKLCb1GdBwqUsSFk1pnH/vmn4QezxVaTJRcMIOuPRRwePANm3Li8/KqSuSULlwUft8QYzcKeCYMfp07ksu9mhZ8B5vCrTXfSRluzsOAZ/dhhpS24BCMMd+jdc8rhsMDTzBlHmOC6XXPzoPMcWk7RD9e5D6IvDdgsHwDGYAJx3bVk4gjtj60zhOg799yQtJAFIbmIDASd95gk1swydOKV6SGbSP6vlbUUo7kyxkKBSgkYYWcY79NUEbO7az3yxX4f4CtfC734qYsb+oE13nVjGIdCEqkQ4DzYy4Lez6wbyo8YxEmVu9E33Rnv9RZm7AhVnoTT1/Ebk3RjTXVAyGRxcaMCox270vil9QEPs8PclbWoPabr4zlYVzevbDEFNRL4hnr5jzvvL/mIAYPu1+nfsMIueDPj8cYhQW6MnsmJCobU8+EUq601Fyg7hkJXxzaMo/BQKpzFAg2/a7yb7qNY+t938/rol7XjRNCfrJwdjwfzXJSqrBDMOlN/uwyDAB/dRTAnhylLDdN//zMlf3cxws3E7gok5PYf+CjEPF9r3THZzG3N8Ajewk1BX1RSymzYLFXAu08U6KaPRTz5jSY0IFb/ugYcwLHEeR2fo1Gc10nsR/gMp7NwCd0y6lyodQGZDsQmsMBYLqLl2baIQ/bi/yOkl6AUTHonZFgDk6mEeJO6+5AtWnEKvOTKdhXoG8N+tNTd0kzNq/vE9QDglaFUG97eeOlqkvuI1xDDHk3X6jxi+OIrsjQkzaKAlGDWcLmFe2IBIDMHdMYcp2rB2yij2ijs00/iREIX/a7TQcWekipLUfg40MQiTPYfOfvjJKTEAeSdL7vc3JvPDDL0LHYcsLZrmjR/o6Js5LwJw4tPU1U+cJ94iyTg4iRQkrR1Ro1RpXPPuCg1sTj2I5RqtIGRS9rFx1fkIRe1cnnvFKh2lGLG3IQ==
C:\Windows\tasks\307579cc-108b-4551-9f7f-cbd042fabf42-4.job - C:\Program Files (x86)\Radio Canyon\307579cc-108b-4551-9f7f-cbd042fabf42-4.exe /rawdata=R+Y5rqwuH8ZR+HU+JzT8SqRnil2A509sw5cJtQOnhZfJk93rIOPYKckGhfKST6nnJX9VoECgkJbPNlmfdqDnMDve9R4lAb+a2Y1DhBo6gBfrnaA9F0Y3ppO4T87peVTxYms2RQ6m0NPPH2W7lLuqRFdGLMoUC+HxQns4cGx5f5mx8ADkAHaFycNgGMI2STrlLWnl3GWWG/Jq17bsXiSZgaWIr+PPJewPOcxT+allOImtJ6xzyo2XGY87r4EW960KmlrJ/2F+K6oU0x1xjcL4F4m8RAUZapaCxYXylzf63/Zb5rQPTEpe6LnKFRyhtddfvjE1Ana9HWm23S30MU/4WkefmNwMm2C93OmISPazWIMzm4EyGugEutN9cq9dq3JokWBloaWNbstcYvg/FzKTmPjrNDbtMcREe2P3vd+6bE6sDEhUWNtuymXWGVjeRQN/f0NIeNWapfJ0xpdE6yaN4Nonqh9dMxW/5ZP0fNjz6L6A8DcSmjDVKFpXMCeBGuwcK0P6uEs94WuGmw5hZfZU6IDlYzhdOZ3bmge46mw4Swp6MGNfh7CVW4E41ehKNVrOPHTOXA9X7KsuX1f40CbUn+XCBW9a4YaYhuKheBLIzCgruJk/jNFCuNqE+Gbr8iUXIATwXlQHkZdjgOoemWiOV/v8leAloWf8R7MPL1zjW3EMfMyf4Srzw23RU2ttK+Q9wdIMkyKWDQW6o4ceJSMfWA4iKOYJDT27FUjBFYn7alCzj6MjttD1EDDGkyt9+bpnhLl2MOtFWUoKDYn42LY1SbAj9FL11gmnZtBh3LotcjIZaOwrZAPzo/EPQDccGTtYXOtCE2Jf6JHA7cgmESzEsIZhQpnDG4ct+qEJPAJyg9m5Fdt59LtioR3JP1GWcqBYq1eXDXeghGK8kve2SNcexIj1bjXqHFBpWKoB1znpzuwX02JJQNLDOGret2fv4jXMybX27xy0X9tvYc3rGBDhk040EKW4Tpr0tD1FunYaajIMq7DH6xUBUv5clr/j8di9UF4posVRq2mxnTVI+rskqx7AMpKb2euL6br6KY069/wkpgMtZEL6lcs7uFwjBnjDmw60jQsNgQhhmq/4ZKYIYzbVJkUWBVUDpV71CgCV3M84vqeu2KCFZtaDfeDmEcsUSH2OnoMcaSOsc+wXrMW1Zk67sRJS/y9Z9SuaJR/tMeoYeNv8b8nfx0xj6PBl2Askc1fqSLYG2Q718EmLlfSscpQpe6c2PFtbxUgV2tmyLaCzZowWj+mmt3vvxoMf4HUXx2NlV4imfQGq+OyOTvFIb7kU0W4heNFFn09yEsqSJkPAZET3gFkpJrWtM5HpGwuFhcdXoUV9Bedfu6gVpVqhOcb4owiSVjekwgBNnutQocFnKCWQtBQn6IdUt/Ag5tjMZuJfG5+K7SdFnqT6Tba4K0vGj5egbo/Q1xvokQePLk/zwG58ctvsDTOWD8qHNEUWRybbx9Daud1s5KvfsKpkqcFT3hJNEEVpKzfnvTLlp0DMt+vb1nzF9vENdYPcOcogeGWa8v+YDwLw87ZSEPF4HcRCpgcp5QEAUKja5nUaY9q7iGe1sqF/24BGGXjaxYjyk3WzlzMh1tPt15wXpueu2FsraNYYSyRuoWtUFxeERPIBQZS7lS1+ngTypsWz6JG9gfh4rvZuEevMHUSBJ51r/GnFxUWu5s8RZhBuqR3sD65c/aODG+tAxAz0uqx+6MAM6IY1Gm6rSMPjoSi9/Seq4XJZuGZ94u8hBabA8PAw3iPXifNF/MqV6Mt8BIIQDYsioCkH2HqDNElHejUe+YZOYwpVPMKmQytaZ2CHX/q1acAdypEKe7yq9Ru49O5SMJtC8EkdHwbJ8MFOuSyTWUTVHE3BOVY+VBwcglPNIBdoL/sJovY2M6zbkhPUck0zi5w/BZwYLENkHWAOnXX4RZajrcQPTsWk2tvYNfVJf7mMUKX/GtXXEvld/xJRX/FzXBeXWCvf9BbmCdPi2F72xyuuRgR29rU05/tMlb+tQJv5By8PS1YRMpuIKNRERFc4f92b
C:\Windows\tasks\307579cc-108b-4551-9f7f-cbd042fabf42-5.job - C:\Program Files (x86)\Radio Canyon\307579cc-108b-4551-9f7f-cbd042fabf42-5.exe /rawdata=SksZYZH9AK0WVVZLfbdjapCiHq4sh/szp9/odHNJ2j0fvg7okK82TeXpHL5Tto1+K/aISRrqYO1SJk+jSjPCBgIDKwTyJ7H2WyakO5KAdHuCKgCcNdwlvLSTO61zJv0FDl1ezRXDRc12pn4ywErQNjQhEMethFaw1hmLuo7EwBtwuHbM8eS0WDqGwILB7pm1rWEUp8ZTPcg+BNHdsVDECb5mqQQaUoXsHwS1ygZWubXPnfVM8GjvK2la92DGrf5Z/ltW98Wz48ZIUFQM2skco0oPaRr5rCY5WU245MhwBgJbWS3a6+YeV55CqJpu2l6nPGe5zttdAkcNHV96w1SN8Kw87y2MWiYKahI1QJV0byO6D5xtUXcNJkgxMc32XiLBoylK86ZFLVmZ8/WFwLoH54VQtNYNJQEBlCfJqLV/V5zCAd3WGHodqA4QaqYXaHPipdZvG8IRqJ2CGw/vC7HjC13kLVuV+MvyFU9QCijVi0gp1PdgBS5846PZAh2IQbDatrnqplr9M96yVpmvBCngqxnukG4Lh0wLbJX3jMb2pMGMwoVVf0vLg25WQGeLh6vuts8wWVpQ5heLsEUEcdNhjtu8nmkGGe986vlNXYbkPvD3crwMaKz36ZHLrBhggWHLf/WE57LzSEZAe8GIkHydB2sz0zsG5ekGJb9P3I63P82/mCkyOZgg/e/PZ3M2EjWf8btrEWUtG8fyy27rIUa/aPCXs+BMoITXiJmbM2BYdJP9OeFU8QAv0y4r/Zo7EQNfTKFUBn0I3W6vTjO14s1nEf2a89gRfLMIr5o/E+gat8heNKkCvNXBUf4saTw2KBgNW2v8C1rNH0DNXrgQxtwQ+2G0JxM/Rut3cHi+Lq4OxH8Pr3q5x0EUCLlD8llSkfyKvWsg442crPEqXBByhEWDKE+f2Lt8xedIDoc49r5Uf/fPpen9ewrDW/bSXYt2nqc+3Q3nZoiGBAs7fHplz534hMbiHbbM5l9lRmT8Fw1ODUrkt7CZenYv2xiKquoIVBuT
C:\Windows\tasks\307579cc-108b-4551-9f7f-cbd042fabf42-5_user.job - C:\Program Files (x86)\Radio Canyon\307579cc-108b-4551-9f7f-cbd042fabf42-5.exe /rawdata=SksZYZH9AK0WVVZLfbdjapCiHq4sh/szp9/odHNJ2j0fvg7okK82TeXpHL5Tto1+K/aISRrqYO1SJk+jSjPCBgIDKwTyJ7H2WyakO5KAdHuCKgCcNdwlvLSTO61zJv0FDl1ezRXDRc12pn4ywErQNjQhEMethFaw1hmLuo7EwBtwuHbM8eS0WDqGwILB7pm1rWEUp8ZTPcg+BNHdsVDECb5mqQQaUoXsHwS1ygZWubXPnfVM8GjvK2la92DGrf5Z/ltW98Wz48ZIUFQM2skco0oPaRr5rCY5WU245MhwBgJbWS3a6+YeV55CqJpu2l6nPGe5zttdAkcNHV96w1SN8Kw87y2MWiYKahI1QJV0byO6D5xtUXcNJkgxMc32XiLBoylK86ZFLVmZ8/WFwLoH54VQtNYNJQEBlCfJqLV/V5zCAd3WGHodqA4QaqYXaHPipdZvG8IRqJ2CGw/vC7HjC13kLVuV+MvyFU9QCijVi0gp1PdgBS5846PZAh2IQbDatrnqplr9M96yVpmvBCngqxnukG4Lh0wLbJX3jMb2pMGMwoVVf0vLg25WQGeLh6vuts8wWVpQ5heLsEUEcdNhjtu8nmkGGe986vlNXYbkPvD3crwMaKz36ZHLrBhggWHLf/WE57LzSEZAe8GIkHydB2sz0zsG5ekGJb9P3I63P82/mCkyOZgg/e/PZ3M2EjWf8btrEWUtG8fyy27rIUa/aPCXs+BMoITXiJmbM2BYdJP9OeFU8QAv0y4r/Zo7EQNfTKFUBn0I3W6vTjO14s1nEf2a89gRfLMIr5o/E+gat8heNKkCvNXBUf4saTw2KBgNW2v8C1rNH0DNXrgQxtwQ+wR9FdsE7q5nk/ymtK8/D5G2T+I0XaewBzTVwzVZsImlbgwWwS7PkPivOWsMVwA9KQ77x9c/DAK01IYWKIt/ItLLj46BgigKWMTkCUiJxODeo+a9alx3jt56xxhP2LZSPqMgUQxnCwVgbnuBzjetopx80sMq6uP1hbqRZyMuax7c
C:\Windows\tasks\307579cc-108b-4551-9f7f-cbd042fabf42-6.job - C:\Program Files (x86)\Radio Canyon\307579cc-108b-4551-9f7f-cbd042fabf42-6.exe /rawdata=JNn8sGm9uH4NNDPVzNSHm+kixuwX8jHYVpDCt+qfBsPuWezqQpQHejBUbFQ0CKVSfCzgIa1BEr4LRM7XML0K+sQA4ZxnCKRxTPKgoAk5hadH3YzWRiBP5I6MM98NMDf7/I21rpF60G+xP0EvZ0FWdkjUkFZHbwUufNgbLGrTdg4maxmOQBxdTIQUpT4lTh3fKJW9LsONJNf/zhtqpyRJmyT+yBrVx75GMWrd2PzN8Ud9HvAbr86qjEQsQfGUouhB5G9h4MxCbcqETeEZQ3cOStL0Noc4gD/zLkTKG+MZbQSoBRMVOiCxlxN/OvyqDleZXOP6Z/sHW3hZlCTlpv/OshRdtBicrA4/+sEqIwFyrytNcFti836YlFCEIOXNAOvxjz8GM5XFZ8GExK1Qfi100Pb1hKapvbFbPbn08rhJFPbEDlyvTDYluyFn8jraad9znsAX4LEwxC+ZniQMrjQOQRCC4AFgove7pEGXEoLqBuepVN3JSbowF2ebGABZ9Z4mDrzA9t3wlUn12HL+ZDre+o/KxFiEB1gfzhYNzbkNIIR3xK12sWnhu7YfPxrOHPKwMyPAJkai/MGgzNh6asFMfA+wu4XSLhRTMyzYyToQYIwIDeiIn7BXXCuvTvjXZW8lWsler2M1/7T025xKKxDK1T5DQps++eLx1qwkfdT390EQncTgVUrQEcuS7PDZ2kyWqbeVuZVx6pjIekuuDmGjLg1NCRNWZXqH05iiASSu5qmAlVapFskjyG/uAwLJwusuki0mx8DalNvq3OXDkHcV18YJnhirzIFEP3Gv9qHi7rz6q++iNSmr47RKYmgLu7ecQLlIApmrfnEQe5jtLsvCLA4CqTykFI7YlzrVbCrjoKdGqANTW9qedy7ISLgQS8CX26fKUpY5yP2Q1zAusoXMzFJBFZ1FHXJy5IQdcdRptClzS30nU/gbfoLtUMik3B+IQ9Gwk3xqpTziOdvdstpfwF86gmYS8cG48+wjcMrxyJRVNUKrX8NWyUSeLgoC0ZR2OkgXG2T99I6BGH/qVNMPheUx/LY3L3HrJQuKRhstszIySjCoGhRUYr8X3gO8NYl4h14ePWW+Fe3YxqxgJ89Tv85ITNedYaEkLE/Weh5z6GtPCVYLlkg4f5neHdXWfSkzyA/MFxM6g7Sdbc9DCxMWluUMwRPgRd9bYJhbwLR7l6a7zPEQKAXNge99rlx+uK/D/hTHzp20Ba+VbLpTexFtKiVwkka4nZqDAaIWI3vBhZMNF5AQv+r+Q39PFzwrn7JsH2xlKKL+RGGGAxYbFdHokZlIcltQz61xqxG5PsoMo9AH9BbKQjroLWz4rQmUvuF1vr6j/SG3JXAURQQ5buKQNgFUxnb0Qvo/QlfKQFatb+iDJ9bXSV5WtLx5R3RA3uodlXlYw/K9N8BHlxqEmn+LmQDj6kSKssbUy+ABeukN94V9NzlR47/DGdtMFYPqZnQOk7Ui5TZatiTWYm0aI/6/rMrI7YXoczUxUucvPgGBMnF4WoDBf+uV++H3pxum3G7tU+yihc2B6NHuD/1Sy3GwY6SFScvfOWdL37Afum50S0FS+CuXCEWJRim33Mu5qNkOgneBdZyxW3VXuU8WREpcW0RTFg9XgmVNDByXtMfgKFrTDLu1UMEl2cYh9y0iFd7FzA90tezJLf6qeLo2iLTUPENV43WJet6f7n2v6sFoZ7CqgDC2Myr1ZdYqejj93F1qHe/44QuD09yIxQrWdUAxH/9OY62GSBZ6V9wXMizkxlI+2f6vrsJ23n3x5+s6EBQ1qDOWmaOCSvbqtprlc9rOt733ofFZxk35uMcFOS8gLVOGxpz6qLO1omhwInJYmJzDyTSzt8zD0hkvlnRv5nAFjw==
C:\Windows\tasks\307579cc-108b-4551-9f7f-cbd042fabf42-7.job - C:\Program Files (x86)\Radio Canyon\307579cc-108b-4551-9f7f-cbd042fabf42-7.exe /rawdata=pUeIk+l2cGcTMGnRgwa7E2TWVfrGSJWO0EdtlJgVrP1oggS79+s0Lkm8R/SZWIyO0QTF1jaVOaUynvYxj/Arr7Im+c/tVvg2PGAuTUgOSf0qFDrQCiRPzw+8Hm5Z09ZnXwOBCGWsXx2kpnG7gqB4ObYCdgUaj94bv8xIu4MxwtQUXtLHHy05py3DmCNBt99qK7OICx16p7fRug0wEAhSLfzHS0B4WeNHLmYJlxiZ3whrqdtCdv4XqsyvPZ8yyDzt1SI5X+LVU64yPlhP2C2g4vxgDGdNCDGFkp7fFAC2i8t4v2m7L8kk0Bp95GmsPE5ZeQ7VnvoadO4qUi7LPydLpcHxo6qoZ/i7jyn3z824PuPBxodLMLt65Mq0I6tCXclJ+kreCNFZhl6HvE5KZQX8WlshkSXOWH3USHtESlocBNc9XwPQ4SkbwyQjNXQdtiNGM2Oy3NlSZT2PWPRmH+I2dQiymeP56MIOxcl8lHnxfhm4G/i/pnUzlT+Bn70hRowsFUieORrXg2nqYbFXe3cGjcUcLZjwiBr5SlfOychhgLAcM7L/+dlO2Dea7UYlcaXc3zBcTLBOsr0I9M1YmFA20H7A22x+zJ+NDYXv64vLpBNLQJV/SHHJlJHiZoE8sTwLkPUQJueX9JhCHqcFAZbQj44eVS6TRACAycvoRWV7LY8MaV37idVC9ScaoGfpLl6jdFypT3CAnS6izBK+6LxLYS6ARGo2d5nTAMQcL9p9zq0EclErvCZJydM21Oqi+kCP3Tl/Vu1fYBCJPVrRCKlMufXtWMdIjao12QzjILHKzkiBQWABtJukni7Bgd0QuqtgtHhUXLrKv03GtLFGdYQi7S8Lp0IzGjQ7RMl519DkchmCi7dd9rpoxkO9tubvSquX7t/56hQkC7wIyq6zhpIWFmpJ16dcnx0P7c6FBmpocP1iWLCWT7XoQoysDLvmWwLcHW0EB7UXjnp87It+IyMm/GiHxpZKt0EjUzJXzsTaDbAbYQgmZSAcpwoR5vXUYDu7bBnJaSbGIpMzBnxAqWkeMlZ8Za5Mv9iiEDmhAb1eaFseXqL8OeKyKGfNGz6FyGFWk66hQKechJDheU9Hv8cmcoJl+g612QT17GXam1fBEYVTCab6mUHhVlf77bU0vl/JCgkV9B/g02YeOSP4ZOkpZ51wqYcGSfJPgYS017tlW7Vp6CuXSEqbEkWv+P3bixLPM1L1+lHNOSvfyCCmKLKZk0wKsXBUIg5MyyT/y9/apSnTD7iYh1C9zt0XgneSP+DS5H/0RvCfoyayMqMJ/LoX5N0XRZdvcf6Cyn+XfJxR+LezRHvh5s41Punw39ac0B0pKuIzEOegdr24J7oKfZM/Zp2iateEFc4dWfULQqmPZMFe916HQ6aR7NzTeSBjpSCbf4nAecCycbz0zgEY8/fFHJJTYC5MEeo8FgEzoyoiTkIPfBESXBLw7KZoqhJOOy2574Qb6gaae2vfqBL5WiDBWMIfQpRZIldr1S9cxdzLc5HH0cne9SaTHsgKogDRywSvgxG2/zj6hGAJ3YmWebTCMy+Isif7K5fzcgeH7r7ZEE3GQA24lPA2Psb7aeh1mXXrhazlSVlNutIQB7NtrMP20KbPr4IBmTNy/Qh7KqWs5B4qS7rqbeJBcE79DQTmwCiY3qfECCrKmT4S4aO4VZv6Ku08sbvyjPxGS0QUTez/s5c=
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\bbac79df-f3bf-4ebc-98c7-8c8e65597d04-1.job - C:\Program Files (x86)\Internet Speed Checker\Internet Speed Checker-codedownloader.exe /rawdata=ZUItHPgJG4+ITSffUvbg67rrztIlFqpkb9OCXauBouUxlFywlTmmwPv4qmQ+AV2oGwl34yZVIkTYgOW95U3NpPegFKvxe8bUqcuzH7B+7MdFe7dDlmpsDluXT1xhvh53pPaojtGC41XpMNCBuRD6XHhLYfLm/NET4OI3+zR/lQ+XbSYDcs16KIRGv8BCNyv7KP+VH0kjRTkT6wJA/jlhvfrIu5MSrzk+9dlkZHFCwpqHuMfVsM1J+tsDIes5WBc/0+2QVIb2ifaZ7EIt/rrejnYrq4zapg0ho4beEn5fY01CuwAwJtWmFtLpKZxwuceW8fq/j4PB49UbsXh29L/X/MUxoT/+B9tAVNpQCrhpM3GVgS22cAuGb7qOFprSxz8VbHOY0ZOgRPBKWiGKS9qbZUvWLVHsssf+i8xZgR+6wQy/0BYK9eoT7oYPYuHn/h5oR+AyQQC5cQiKnzb7IK81UaqCFT+XhrhPIyLx8h9ubh2o3uc/H5AMyWEwQCw/jXhjhf4nY2F+rM5TuNOuYPf07S1M3RAh+YHSYb+WA9hwXrlsuJAsZkazpiJPfpvIyeZxkmnM690ahtl1Pgv3Gp1KJGwW7LF6YyhTM6Ef1bZVoDfJyj1flKf2phzW6P4LiV1Ujucr/R+OnRMPPsWa4lVx/QwajbFFhpmeNorgrKUuu0WaUTLli30/zgnnEqArvVXTbimKD1DeP4ovLEfWx1hhu92V6Q3GsIKS6TK8804E7ynv+l6LZrhze/D0KVpZlkK4p8tReSKN+D5C2LS5jWjAO8NSTqNULMQinAcUMwQakv+d0iPgox7OBuhy7pIbY+u9CwzcdpC64GeX5ZMvmI8hc4pYjOa/Onqreq5NXVPO3Re37nUtwhfrEvvLBS+hKIPSw6eyrCO4foEEXDyg11MZv6/04KDZjQU35eNkzOes2NuX6VMQJnW7VToVDkeS9IAKmzsHJZBbU3eLl/3n7A3oOwKsAM4Mo/Ug31vhhpjiYSMFEWrDNESszwn0sTSHuJDwEKttQOJsKMRB5spmmDnyeU8KGrH6DHs7/bdOHnd99PuA4eDyf3IjLgtpB1t+vobpgR9CiIoHfM36ULVaJQlz+eKytWH5PyeFhRfrxhtnbBAaRn1CVMSPhRDfrSi0D0h2d3pD3lYs6GacWtRGJjW5my4VAawml0DwY/s4+U0MuE2fTiE1vK5xIWgHguaYuNxJRu8k/GHZeISNbYDdaABHrVfFHeQmUFQB2bUtNv7bdIH533CB99o6W1pQ0dc1UXsMKNfjlH1C03BKiURil/jzxm2zZqRWFjmpS8f0wKgaDBMzWow1fA7OJ99iV3pMBWVEAWETx6LhnTyUrFVMnWCBlW0ay5sj5derY1TmObzMeXaXQLXkeAatjOzVqcR7nrzqdckfvN6JVri0Ykz/8OuGK3RvwjzuvFFVEkgxnM3e2OPzDNblNja9N35voJ29pivpE+EQBoHBJN+Bp3yMB5BVO+f6Ou0gMzNrVMpawNLrVL02pnr+FVFe0Nw7ecen0xy1
C:\Windows\tasks\bbac79df-f3bf-4ebc-98c7-8c8e65597d04-11.job - C:\Program Files (x86)\Internet Speed Checker\bbac79df-f3bf-4ebc-98c7-8c8e65597d04-11.exe /rawdata=ont1yOYfonaJRj5RfBZxfd71Rq6RrGsDtHV4pZjQOAV3vzf/K7/Ct8NJyNuZD7ANP0slRv4N1XkEfm3dM3zL/wg5JWYxr8N5BVGfVQC0cr/i9AOwhSAucUqjVYYRmtNJR+CPmXcoSQjrlGQAEeT3vgLsnKEBDL5WlSzH4s2COtw8yf4wgIlhRnGojwAXBsXdWDhRHtuz3gZCLjbkTMZH4Qh1xmit36ghk4+ODImZ8om8olczNbjTXJv7eC/9uI210WofZ9X9L88UzCdE3VDVcNNEtJ6JZhNqyDVmxIXviG8pAfNi71Xz1Npe4kLRwlaiNHQw++1YDtXvCzTbnwop+xJZZ6mALFrqir2wy6QogC1IXN3Rd2V7WQjk7O8qTwSXCCnCuUqzigMZWg0RgUAd/ZvycApYMsHuHDl/pARCgPXZuRpFUSDlicDS9eKAAAag8xobSzqznRUwTUbcNopRKoXbU4gIyIrKvhQXZPoYhB9uNbKu4WpGfOWoW+4GhGlMeDJis4xLrhXxzZ3kmWmw+LyB3RFFOlheOWJxu3xeM/th4srrWYPGmPK73saaO0di0DuQob5yCnSlOPWHVCCjKKn2xYSxdlQpqv0cM3JgN1cj9Ls907VIjvc2kIsWHcBs280QgCLqNGxVgiUjt1aCvFpd064xX1NEXP0tnv4tm9oAgE0f5ppzibldRqwzAlf9S4u3ci5dtZ6tunQnjbpgD0j6FAUdwwvYwdLv/lcNqU3pcj7e88Y1S/JxQsGoRrjm50Ksnp6F4FVuybVT0gRpY8umZ1Nxm4h3SO+9MYBDZqXE+oshBdnhQRqnz2FcGmGOF1WaCLZZCdM1hWekyTqArsK67QD+RGBIXmQ57dMY1d7FqEXWbjUQCMoPT1dpeYGLQ+Op8y/205Be/7zEtcvR03ZlGCpQmTQgd05KIOk9Q058S61LRcKb4bXQa5le1fa88ttwTASYB/LNzdbTl7PbueBsbzQO9WPfSxnfxUD3QuxUahB2/0pFnPjlYr/9rGSOZZPyUidw6CNOjb1RFP3HRYI0UY9JU4/v+/rG12M8sRzcrcRHQJoMUXH+xNVXldh6c178FZYb4mD13syqgCiGvViZX2BBNG2llFcoh6hpGNqklF9Woo+cscZx0lOnAtRZ4TgLpbhF9/40BrWWERyuVmIgIHEEWZZqlVbgC+vqj0wEy335dTwHzj//HmrbCftdnv6nEaXf3dQqz8JZ6BAbxUD5bwbkTOcpoTgXzMo414kP9ywo5snjUsdtDsWQnq+uce7qLQIhoUOl08/Jc0cD780zxDyVe+z9qdgzT7/otzwIc1QtzzWcdvmgx2Uhj4zJUC6/p5/ho0P/PX/TPGPEU6cudJxl8JZUndFrN75ctdgG6DH5cRomMGB/AwEJDJBdAmJBDpKO+OewWbGQGKKqUqWzGOJCmAyjH/LAYD0RKapzjqsk+ucmMJdkM4d+mwTZL0l3KGDDF3CYRQ50wsKrBxkglHvCJLRVZnLf4yKXmUGTLwL1M7X4lc8Qx3aEHGz7IqerjxqUWRCEKrCTpCJvl4CsAXVuCKNbrPqlBpv71pKdiuYC69oaivNd9V5Sk9qLuGTwCdy+Fi8/pnmDfIwpQMRdqeg2O73QfLg+FqAInTQBOjuktHV/W4FdefajsEB7CK36uvy+V8ZeDuGbminTgO2PWFHMPOLL6wM7+Wt0Y9wWEwf+9uegkfKVwZjY+48wfB84mg5FzljJbc6wO1xijBmI6509zR6VUc6dCwbkY1Td4DAM7QgcS3nbHtnEgGkKTf7Nwbn2pghPO+S+iwdFKPl/ci6AvtMzvk0L5kb5b5woCBhvE/IO+YJkbdJ4HpcpvdP9ZK00VT378HRBPlHNknSZjtY3EpqIiABM9rYMmFEdS2T1MQsdlyNp9g9yNjFC7jGRJ0qsIvExYEDqVz/Nksl4PfKIhF0qDuTTJh6rWmXpHpsaj1becwGU9IZg9dHQK9tcGV6ta2rGLLAsvFhnFNcJm6FiS7k138SzWw4nlRIdIVlzoI11S2Mh4LKuafb1BAo69Ya41D5X1g4zx4L1xMMEGPGi0M9xr666FuKCrXIKW3IJ5KYAr2zsQy8WZyA7+TPNXi8pmAh4SF63j/Q49vRfVlEsVaXrzr/s0qZCX3andD1R/rvCwEUHATqsMzH6LdLSHOvauLAN2zXGVpV+e6LulbOranTwg0F3tbeii7e7/y/0Md4ccKc9MwedxaUCs6PyylP2qfsa2AsKEaJQnehlAdLCem/wmhKM13GSt3C9US461Y1oP43AID+JjBhRbnK2tiGBeeMQRp4rrn7AUeG79ir6gjXzQJawYIOXvkrViSEo6wudU+grFGVvG9SaLBPFA9aCVIoHdUTc5JQH/Q==
C:\Windows\tasks\bbac79df-f3bf-4ebc-98c7-8c8e65597d04-4.job - C:\Program Files (x86)\Internet Speed Checker\bbac79df-f3bf-4ebc-98c7-8c8e65597d04-4.exe /rawdata=v2Bt7cZMpdDABLLWCXC9u859J3krO7Jxq2usYTmhwob8kydjDlG5bwe/Frsmx7fQ/TGtncOkf5o5aWfCqdj4Nl/fTxnh3xRMFOcPwAvbwEi+tj5H9JeK0gpjA1FUAiFbUtTD9YeaQeTTT4IJrCZIT4jSMjoqg7tEgp54mq+ViE110KMeGSxjII5r8tgDyFcY+xoplObuYNWrJyR39oqsxH85nJjnMSFUycStPgkup5gyOM+WpGFV8ONepijIFWowuiozqLF2sFJNYWkKhgiFf9iJFKd9884kBQBJ6YMb9+3dpG6QNfF1fwkuBiS07+YNclGpklJfdukxiVAkFI++Lnm6BTX/DB4F9Y2WfHEsVeWt1bezB3smeElm/Tmu+cFtkxwndMPmKTKi6Xvb0gMDQZ8doLbrPkxNnscVDsSBkxebVX5D1j3tXy5GCfknZh7d22G04QMxZIZDELPuaqCZ2weHS+0AW1HFmszhf+PWeaxWkT962cFLKqJ+4GI/hpamrcS1jv9ZwGR3h2AFeTPaxRWwbOJmtHpj/OR9ZUwjtoQgE24gDL4fM7llwMigppZSxQchdimQsNYQ8ySBRpD80Wb01HqEoOGX4GAMdeLpYA/1bLkWc7PKiYoNEcNMtscA3rzwEpm9Gqtor+TTvSyPnD+HMqgvd5/K7f/u1RicRWVf70dWstND3fh7tpN2ecI/g0DLaF7YqQLhjvvrs+DkL54zk9qCrwGHwPqa0lO/kqL3ncc2J5EtqVDN+ZelZbM31t3fxaOuZxEqnl/9KIRbUZxYH3CzGBfHnoAyRAV2VFZXnty2mhd77gCdvQrSpTEfmS62NEY/EJ+zAQtWUw/AGIqDrLhLCzOG+rnoH/tQjqmWorBJVEUOtQfsyX0tN0Y4jG4Ipx5eCLnuK304N3PB+TWmRq7JsNOWniygBY2cGNjtJ0Uycb/6qoXj1v4Oum0ApGPbGHr803GhBPSiKTsJ/cm/vQ5kcLSWziWj0hojzf5j1OMPISmivXJ+B/sn+aSFHG3oqMcWexq4c0Yb3kzix7KQBFLHT/F9dCJAnk2kRGmpyDeRjk15rijQkOr4Uoat5LM7EdfJcs1Ve4I28hmzysuQkb3jR7hNYRinGHCFT3X26/Hn6oUxV5LUY5oZ4ee5wjL7opCorwWrjs1z6x0rPQUnZPC5XO/+eo2bG6wxljIzgRd4ucJ+w7v2MRUPaQhgg3fWq2pCRCcELbp274QoTWizRirla4iqQeJGpY7fpgNjkKF/hA8aJmy1N6SCUgW9KSfGW0JR2g2FBWEoHw14HbVA2dhsm5qIE+S3aMWL9IekcAuv1p3eZj2lxwSyJTC8jXs9rf3WrN1KH78ah1TuXTv+IT2CN8Gt0miSUF5mvOORq4GGlsXCfrSLjaA+ZN20KYih/ywoA70DGwUTwLlekeD3kfaLG/LNO5jInZJDdNWLyZ2XF56KBKz9ZruxHkk4te9BVpk1IRzmjv594sUMwmZRkPGkktrJ0voilYxcKQXK8mthHD2cCfn6+Q8raTn6aoOJ3AucDf1QFxsUIDRR/MwCLkMcAn/J7mRC44cIg1hN1Pjx95WK5a+N7J1/w25dPTiDMk7R7FzU9ivNxm5IMJkGeEoD5huS6vRKLHErtrGLT4pKn+xvlYavp01j/SRAEwq1QdfgK4+WBQcgf0tTS1vvFaE3rhYyVZP1DXIxpCyBljXIEhio5wl++0EBcRY+ebOlhlDhOcn8/0X0wQqZYJ1qRcnF48kWFUbYUYqISxk2NgC3EoWYJWd23aMgI2WbQQTP/HzxWSfzh35LPY+L1qhVK5UARWK0N2tsMAksSxYOoP1lev/0Q3RU80PaI4PelIz+nlzx6mSJIKfUuCQRgw==
C:\Windows\tasks\bbac79df-f3bf-4ebc-98c7-8c8e65597d04-5.job - C:\Program Files (x86)\Internet Speed Checker\bbac79df-f3bf-4ebc-98c7-8c8e65597d04-5.exe /rawdata=UcgI0AGSonSIIKz07lL+yDZtLQMcctuQGtYW1bGaOAOVd/G+N2V/Dc8aMv7SrnmtLYdamJObpRNloZdPSx7y8ZZvhdLBOYU5R+FbsRWr2RKXzVH4N2CpP5KKvIRlvNIJpkdbdAOZPXMxmaWPefheIMY5dc4o9tEMBzkR5GSbRCIeHaMd60Oi5hxnMyxbx/KoLfA6zYte5sDRH+yHBh7xmMPYPVjdNeWAuOD0r4+prGTVJ6Vv4iibPf9girk6x5YcbNnkvkfnj7QZ2oSJsFTgCfTgbOkgoOcy4B5lcginFBPW4emWz+Fp5snL3F3iWb7qLWzOaQMgyF/WvJOt8o1gTmKJ4KV7C32PLPUGHghKfkjVsnsT+rCFiGzgvobVMvwhAcN2XsMO0sHv5QkILcKnfi242cWgqm5rQXyiZI3h5Xoi7muZsA3xQ5YKLWsPxa1o0tsjQa72VHmj/mzbkKS0mFjWud8YnfMRJV5+mThTCShChTr85ZbqerLFEXz9rkhjoXVhSyd/AVrdwfGleb0hcYj2h4V9TTDCtUcnqdQyWv5TgM30yy403TwllVUmdDM7cczT+3F34bejo9avK6L0+D7djCg4Ai0VWk8Refx48QnZwwEHZYtYzoO6YYVNRXrGk2OfVEGnfdA5bCAmiXT5LctNigNzlUEcDJnyqDduq+23xIcXpbQYis/FBKR2VUFgDeQjLsxEzGfz4BaIaI9XGC1XMc4UIAo57I6R6AKrF7CeXJzcLJMOD9Nyj31wR8I08+8EUXLswY/ZDmJDvIFeRcRoquBKAI/AB/TJenIsZ2eKIOdq+1Lx6LoqKpc1otx5l3mSI8Gc1EYMNcM3qK8j4AvODIvleyv97SiApVhg+0mzwVASgb85T4xdpjwvyNjY8yw3FhpkhrsXZ0wxkpPX7xq5Lm0ftZcSYYyxF/IazqzpfHOqNWFVxRb8HA7S+I3KlGX4G18s+sE43S3LfgRDjpoai/yB8dodK83JpTn+RpLntJnhBToFLtyyJYSQi1V5
C:\Windows\tasks\bbac79df-f3bf-4ebc-98c7-8c8e65597d04-5_user.job - C:\Program Files (x86)\Internet Speed Checker\bbac79df-f3bf-4ebc-98c7-8c8e65597d04-5.exe /rawdata=UcgI0AGSonSIIKz07lL+yDZtLQMcctuQGtYW1bGaOAOVd/G+N2V/Dc8aMv7SrnmtLYdamJObpRNloZdPSx7y8ZZvhdLBOYU5R+FbsRWr2RKXzVH4N2CpP5KKvIRlvNIJpkdbdAOZPXMxmaWPefheIMY5dc4o9tEMBzkR5GSbRCIeHaMd60Oi5hxnMyxbx/KoLfA6zYte5sDRH+yHBh7xmMPYPVjdNeWAuOD0r4+prGTVJ6Vv4iibPf9girk6x5YcbNnkvkfnj7QZ2oSJsFTgCfTgbOkgoOcy4B5lcginFBPW4emWz+Fp5snL3F3iWb7qLWzOaQMgyF/WvJOt8o1gTmKJ4KV7C32PLPUGHghKfkjVsnsT+rCFiGzgvobVMvwhAcN2XsMO0sHv5QkILcKnfi242cWgqm5rQXyiZI3h5Xoi7muZsA3xQ5YKLWsPxa1o0tsjQa72VHmj/mzbkKS0mFjWud8YnfMRJV5+mThTCShChTr85ZbqerLFEXz9rkhjoXVhSyd/AVrdwfGleb0hcYj2h4V9TTDCtUcnqdQyWv5TgM30yy403TwllVUmdDM7cczT+3F34bejo9avK6L0+D7djCg4Ai0VWk8Refx48QnZwwEHZYtYzoO6YYVNRXrGk2OfVEGnfdA5bCAmiXT5LctNigNzlUEcDJnyqDduq+23xIcXpbQYis/FBKR2VUFgDeQjLsxEzGfz4BaIaI9XGC1XMc4UIAo57I6R6AKrF7CeXJzcLJMOD9Nyj31wR8I08+8EUXLswY/ZDmJDvIFeRcRoquBKAI/AB/TJenIsZ2eKIOdq+1Lx6LoqKpc1otx5l3mSI8Gc1EYMNcM3qK8j4A2AQqaaqYWZiNwfnAHir8+seuxjP1Dj+7XpldM1Kv7JEfQPYR06mdnWfXAR/CU9dpY9ZTQAUPOS840vBX8uoRAnV8lakiCw3fpGEgHXIW1+SBqfmHB2B2f1wPEor0XK/+QTCNvo1PboBWDuH6EB1m3tiv+cwI/4ofFNJx1DtvMg
C:\Windows\tasks\bbac79df-f3bf-4ebc-98c7-8c8e65597d04-6.job - C:\Program Files (x86)\Internet Speed Checker\bbac79df-f3bf-4ebc-98c7-8c8e65597d04-6.exe /rawdata=TpJk1pDDi3/YlSjbXkp9obqQVhdfqEHaW17tdaJNQJwSSFQIvlVhv3g8kNX50rW74lNAVyAEGXL20gscQUl+P7sH1gH/KE+d3KCcpJh8Dvew85K28xLGygPRRJYapsAZ/gKtIKLd+NP5Q7zWbc+cl6CCTRKd1EMq6f79MxcOHYV5ugU1/wweBfWNlnxxLFXlrdW3swd7JnhJZv05rvnBbZMcJ3TD5ikyoul729IDA0GfHaC26z5MTZ7HFQ7EgZMXm1V+Q9Y97V8uRgn5J2Ye3dthtOEDMWSGQxCz7mqgmdsHh0vtAFtRxZrM4X/j1nmsVpE/etnBSyqifuBiP4aWpq3EtY7/WcBkd4dgBXkz2sUVsGziZrR6Y/zkfWVMI7aEIBNuIAy+HzO5ZcDIoKaWUsUHIXYpkLDWEPMkgUaQ/NFm9NR6hKDhl+BgDHXi6WAP9Wy5FnOzyomKDRHDTLbHAN688BKZvRqraK/k070sj5w/hzKoL3efyu3/7tUYnEVleg33aBFoNYZHLwRMstHFeamK5XWg9NP0hqESfvPjT3Eb+pv/LyhB4tNTcU3EmexleKZVfeCAz7/OF+5sE/5WVahQMohKjX5Lt+6PwrQpu6AlpToylGYqGDZ004rGS1eTaMtzW6hdXnL/ZdUdijEz+i71hK+qYU7PXhgBiBJvJDeknnObL+wT8H5NBuMiEqXc3dVmz7iePspD5/SVbI1GwQOcU1OHV3xASxrm5kozyTFwv9P9ZJFKpv7bJYqF+vRfaJ1LASGFG1/FCkvXeEofCu62rRnkorwfG081qUOWG9jxc7UIPoYi47fF/cZWTvWhL7G4HQacm6/4/D523q6p5rOMPBc9i4pjZVLvj+1sk/8FPT7SfVwz2Dr03gotQOAg4Zkk/XcCVNVabDbwpDo8OH3AEnJAywnyCdL0ZtS3GZJft5S23GcFFGCrQ16GvKq7qTjbNMZE9hFT1ZjzCwj7BkMiDtI3h+zWpc3wBt6H2jFwUlWMoLsmBbQPSfk4f+dRrCrpJLvJGSWGAhia0vSNDYp9I3n8jPuax+sOi4jTK9NpjNI+HEN4OXhHQCgZoVdYKGiz1fvH1Rbmy+r8HjdQAUwp61jitD0LhS0ZtPJxDpx+bwQoiMI+5KoZCnA0a+fxngk+QHo/1SwkOhLDxOo5Cv3PYVaSeSkSq0co6PtlKSe4dE9p6OxfkUZXJ1CykJDsbqY+5uorCZwZXy2Vz3s4XG3OEOCb9PS3jNqL/edzvuU7rnOMcoU4Y8YWMiBe1h8j4jPrPcRXduYe1E0DGSfVmuUBq2nOr4EUsv56cjTTqVuqXEclPkzwSUR6Uz0SEmN/tD80RsRrpO+ya+eLNWgaoZUeSlVFYackEZZo06a3zptIoDmfD53Sp7a5Hkz5j5zSveJOpCuznv5D2hRzMg1h3f0Kv/GE0ydXS+x03yoZuZEQkf6NRgGwcYtGBtLFk3FhnaQYMfKNqPmtDGhr01dq1Yc9JvmRWcrKwMr57tdSvVyjNDa8L6/j4SRL+8JKEnKRTo+WrA5I6ebvM1A1LQpAhbnLIdi92N6iAhMw/1s3P6mV1TC85uosqOq1Z3fIJyw5k3J6nXDQIdbN2SEYlCUDcvgdEZPWwoToyzLWsjTS8A5ax731S+uclgEB5SYp0j4/PQOXBxqxgIvDaLn9SbIGPqZ9hpJynZxFcQ+Qa2xZtBtdNITQeqORmGsFO+97V5DG8Ziux60oaquXDayzDJVWwKvbnAFJsepIXj22Bra+6q+YD1+6uQ+3UCRsPC8ow3qGfEhuhBNiow8VTQsuCIDaL4SLVocQhl1AM23SJl5hv9eR1h0KvBtF+SXalRGt4oZLkORUD6pT07IGx1GDhi35lyYaFjMg1ZX5FisEkrLOxjKZ2bf5niMT0Gj6JqMZF4JnVcDabCEJVCW325EoSa/r8bpUcPVuLaLT6qO/k0qRacgsyli1JIsfBzAVTUceBJERJ9X6D9D8l14/WBKZSX7oNd5I40skVpGmduH00M0JmNF52bRsnHBnpAzm0bwrtt4DLOl+0EHnuUzqREDnyliPmNyR0FplLoNxw7cE1ZyomLQ0VHnG81/plnfMcBQ1p6X1H7JbuYiURqtwBK7bnEGq+XIjVvBeHmB+4mhcBaZM/PQ8ZmgnrKhJ1Tee5VYgqVHbpWBuDXUQLmGuNqpnPGXtYfgtePS46moJuZXP/xBj2Hddq4tqWT6lRHIAklewYfLV8IixdeuTYAJnVbz1/tSTb/hAaDVNUemj4nlzx685bQrYJ8I3uKPHs1zK7izpC95vHQut/er1EbFZX2wJZIM/PgRLolyi/2AZ3Z4/YGYYTxbJqjtCFBJv2WIXhfmG5iqo+kROG+OwrCnaQRp+jqwJulZ1Da/I5gjnv/oLN11ksmgtTI9uHwNAuADc797N89Gh5FiuFb4suqqcXfMw5TwIllu2iTm2K9gDc151EQjP1HBimkR26JYJBT/egLmPHdLcS6PLJgc6MWzZ/G7EaA7nx+JTgGMUekOxYDmQKVYqKI1KJ42Zx545MkJ8cSPHgfxv
C:\Windows\tasks\bbac79df-f3bf-4ebc-98c7-8c8e65597d04-7.job - C:\Program Files (x86)\Internet Speed Checker\bbac79df-f3bf-4ebc-98c7-8c8e65597d04-7.exe /rawdata=bOqvF7mSnGF56sYXpzAZWyDbrei8e0hDnHHsYejUBcSywAax2Mmb27t4iWBbJjaZEkMU630KW1ANDRdkPv/oA71Hf1ZT+OXpoH8MICsSgwKs4SVTdwwaR3lOuDAqK3nQyoW5d36uCAhhMZgw6X2WXZssGo+cERqyHjKQ04lrdHc+NMeAHMeEsaUZP3givJauobRcWpWNiFZTpcT2kTtjecquQ88U4+h6u2hLcB9OB8AgCaHBYULE4eai3YmAdUE0ypKK3Z6eH34YYz1mn82eDGHj/V5XuCxIIshYyQlSZZBPAtcby2U+LEDYbsvlFnfvsl71tTYQEw233LcEAHsbYyaaORMbYVSMaqRiBzaGpsC0FTkLPqJuKl0lQp2bzryNc7erCT23X7gP15i/Yls/TUriPOcvK/S4V9H3W/lW1x4vGXF+9Dx6Kyzpbtvj7VDt0U8goQHUxsYFQ0FTAME6wgzK6nU7+yG/Ak1d0Lwm/hZCmhWwsfFUqB0scoL6r89tvVElHAaEX2otY9k7K13IckUWg0AqAJ4fUwpLaMdl6V3b33Tl/lLMAHzt3Bs/OTF/7jbLqm8XEi2W0t/eXTKj06OTxvFJDpUEPQ+iVPKQrTnZJmQjvRQEQiyuKp9GhNHaltfJyu/0OYcMs9d15DlokcUPXOAWLPZL1G3xRJQZvLgI5wneXhoCCAxbdnsIHE+K7Sn41pc+Qm95I4qRAhgOO6mat/VRU0lADROwb09eS4inFh3NIrXkrj3R07vKlqCfSu7WpWYu3/1+QB9pyFWS32LDzCzsRtnwBRmPEpD780p3f5iBDOVv9plVJRXnRYtKhjq1d3yNTERePZjratVR8Imu0sWecE5aT/taVsr0SW1M3DofqVtbRvIr+dIjYZnyleaypzgfEdCtyWHYWC2NEd05WMrXiIXJ1FFDeUCbj4mY6kTB2l44XJ0j60v8QcU1bWCVxV34W8PGoVebk9aRQBHPE/G/veGVTmXEMggJ3mHjsz5Vx0QezED2QCTxihJRWujVrClA9QQkYPobXJ/S+J8i7twOyTbiQzxhmMHJv6ZRIHr/r8UN6PQtYBxhW4ND+rvCbUaQpB8RdREI2r0p4eu5Oh2wGxuX5QG91R9Rhhw2hbWqHq9YBVo0m66fkSTmLOxNhVDfOPy7ccBXKu+KSKs32lPTs/WoUZRvn64tREV1UdwSOcEFkCX0K0/fCXVzUbCUrA7bw1KYMhBdeS0Yop9ROZr4Bo+/3aJCr8U6C2RnLoU8M94fM0FH/WO2yDKnlzbjx6jGgAaU6iS82LX7lGFYYf7+pT5MGyWHBIinVMHPQ8jnEjf1B6qVSsIoF9g3TqgV3dGbF6bggZiO+Gr3SUQ6Q7kO/z9j3ErDtbflqChcNt2byKakXATFpQO5L71uzkEKy9BNdowhnKRoesSK8tJHZCAS6CRuv+3zXeIQ4hD19yTAAPL0WwS4nym++ZWBbl6u/XeAgVWkp+4n0AZ9LesXCn1b+b+3+2DPVmOzafu5HISYohh8i08gc7dafLTusM3YXGxArPgWgA2MEhkGQ3DzecgoeTI/Gq8e/q3WEpk00085ti0o//kDyYYCqP+lyKf+xuWg0HTdr3CaPlN1PkN2RiIyVHV0GQ/lTEjU4hOeyicp30CjrvbmAqjYaNrv/R6HrxrZ9s6akQhVOfWTvu92fTgxuX60PvuGPbVl4gtV19ZueMzLHvlt9SLKARnPWyldq2eUblMrQ15xCrN1DOoWoT7CrbsfqkTo6FvPuKULyIsCxrq38wES3AZU2AeskOvGLYttBlVsDTZ2tMc/wTnftKCDoczox6gv7qOCCjOU7OBVMuns6X5QVs9mPAqe2cA8OPXJnnjdhFqrSurI1RAc4Gai7obhCZWXO3secSqlNfW+xstBYSvXaYmIpSd1hCded91vlLvmKfukxY/ADWFHHKJ29hinusAPZSJZixSxAdupd2DUjRlnUbi+MeYlG5nsENugDfFyZMI16OcVM4+kvYK5Xs1Q5ggMfeKP6asGK6R2NZhiIGqyXAAEIPYuDgrnmVO8xuezTYKkSCNYM8l/rIjLHiusC6HigJkyscqnHL2eb+j2yPQLhXOhZZU9eeD4FuJ+U2zmFCRYlOV4dUK3bhq2VWn4qtJzNIPojXec33TV5u3DRcXt6s6wiyPwb0OL3tnyin+CDPIgH0a9FAzlCEtKyuic9Lc+d3DGbKAwmXRzBWBzhjca0Y9CXCkNcbis+Kt4EzwStU2EX7gqZ9fPlk362TRZEMEVz7f6f6YjDAB/61fqQs7n+LiBpmYLQMTL5oxAXxUaW8cLL2y8ivub1tcUr3z+mOYoeHhQneMgrVfPdcUQIDy3tidOEStEJdMRkuwWlYfNvpdHv7k2Ha4adMeusI5SYVB1uzpJnLXHCN7kUCDXdw+gjD/vLDzOaJDK6haz7a6Bu4G2nJrD/xJKFhs0f28Di/AVuDP6rJzvD8Wn0brFQdGcUO4ojn4ONIs/rJNmOsG8i7dv9zHcEOPYZqUgZsNUpclo345TlsLVb052i0sYa5yGx1w0v2fA
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default

prefs.js - "browser.startup.homepage" - "http://search.gboxapp.com/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@raidcall.en/RCplugin]
"Description"=Raidcall plugin
"Path"=C:\Users\EsterkaPú\AppData\Roaming\raidcall\plugins\nprcplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL


C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\
1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com
bjEWFzQQnQ@2.com
faststartff@gmail.com
H@WMwGwZjR.org
h@Zo3VB0.org
j88uM@vlXeY.org
jaHk@K.edu
Pk8aU@Ufp0H0.edu
RK@hFGbCFuJN.net
sepherdwilbur@aol.com
skipcerterror@foudil.fr
staged

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611081104}]
Radio Canyon - C:\Program Files (x86)\Radio Canyon\Radio Canyon-bho64.dll [2014-10-27 822176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611171152}]
Internet Speed Checker - C:\Program Files (x86)\Internet Speed Checker\Internet Speed Checker-bho64.dll [2015-01-07 946656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{14c33b96-8815-4889-ac5a-c8e22abc8fbd}]
TperfeectcoUpon - C:\ProgramData\TperfeectcoUpon\f8NjudZJR9w5Wn.x64.dll [2015-01-06 697856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{19766f37-672d-4037-b893-7b3d120febb9}]
SaverAddon - C:\ProgramData\SaverAddon\JFYEfkrFdqbdZB.x64.dll [2014-12-29 654336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2c069121-6399-4df6-a468-915a295e5b6f}]
FFLExibleSShOuPpere - C:\Program Files (x86)\FFLExibleSShOuPpere\G2Cu0uNzY1ad1c.x64.dll [2015-02-08 708096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-06-29 724992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}]
Linkey - C:\Users\EsterkaPú\AppData\Local\Linkey\IEExtension\iedll64.dll [2014-08-31 202256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{50d8d9ec-a74b-4a3b-8c6b-7ed89d624aa2}]
FineeDealSOffti - C:\ProgramData\FineeDealSOffti\887gkK92O1wEly.x64.dll [2015-01-06 697856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9a3c7949-e4de-4883-b8d4-4ea0f4c070b4}]
ttoopdeal - C:\Program Files (x86)\ttoopdeal\89wejFNZEkUUK5.x64.dll [2015-01-28 699904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-03-21 6270336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b3af377a-3d15-4510-8f78-59a13ed712de}]
AppptoUo - C:\ProgramData\AppptoUo\qkpaWlixFhdUvR.x64.dll [2015-01-18 701952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIE9BHO Class - C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll [2013-06-29 437760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f1f7024a-77b2-4c52-9c3d-0144c7944261}]
savinshhop - C:\Program Files (x86)\savinshhop\VRnibiJVLvRAmb.x64.dll [2015-01-28 699904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611081104}]
Radio Canyon - C:\Program Files (x86)\Radio Canyon\Radio Canyon-bho.dll [2014-10-27 607648]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611171152}]
Internet Speed Checker - C:\Program Files (x86)\Internet Speed Checker\Internet Speed Checker-bho.dll [2015-01-07 620512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{14c33b96-8815-4889-ac5a-c8e22abc8fbd}]
TperfeectcoUpon - C:\ProgramData\TperfeectcoUpon\f8NjudZJR9w5Wn.dll [2015-01-06 562688]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{19766f37-672d-4037-b893-7b3d120febb9}]
SaverAddon - C:\ProgramData\SaverAddon\JFYEfkrFdqbdZB.dll [2014-12-29 512512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2c069121-6399-4df6-a468-915a295e5b6f}]
FFLExibleSShOuPpere - C:\Program Files (x86)\FFLExibleSShOuPpere\G2Cu0uNzY1ad1c.dll [2015-02-08 564736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-06-29 594432]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}]
Linkey - C:\Users\ESTERK~1\AppData\Local\Linkey\IEEXTE~1\iedll.dll [2014-08-31 175632]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{50d8d9ec-a74b-4a3b-8c6b-7ed89d624aa2}]
FineeDealSOffti - C:\ProgramData\FineeDealSOffti\887gkK92O1wEly.dll [2015-01-06 562688]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-11-01 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9a3c7949-e4de-4883-b8d4-4ea0f4c070b4}]
ttoopdeal - C:\Program Files (x86)\ttoopdeal\89wejFNZEkUUK5.dll [2015-01-28 561664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-03-21 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b3af377a-3d15-4510-8f78-59a13ed712de}]
AppptoUo - C:\ProgramData\AppptoUo\qkpaWlixFhdUvR.dll [2015-01-18 566272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-11-01 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIE9BHO Class - C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll [2013-06-29 367616]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f1f7024a-77b2-4c52-9c3d-0144c7944261}]
savinshhop - C:\Program Files (x86)\savinshhop\VRnibiJVLvRAmb.dll [2015-01-28 561664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-06-29 724992]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-06-29 594432]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2013-06-29 151552]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 1271072]
"LogMeIn GUI"=C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [2011-09-16 57928]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TornTv Downloader"=C:\Users\Matouskovi\AppData\Roaming\TornTV.com\Torntv Downloader.exe /c=startup []
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"SpyEmergency"=C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe [2013-10-03 3231032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ESL Wire]
C:\Program Files\EslWire\wire.exe --tray []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msvdbufSrv]
C:\Windows\system32\msvdbuf.vbe mskviy mssdxk []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru]
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-11-08 1028384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess]
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2013-04-22 720064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RaidCall]
C:\Program Files (x86)\RaidCall\raidcall.exe [2013-05-27 3428024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Razer Synapse]
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [2014-03-11 444760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
C:\Windows\system32\nvspcap64.dll [2013-11-08 1064224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-10-01 22059616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
D:\Program Files (x86)\Steam\Steam.exe [2015-01-23 1942720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""= []
"Sound Blaster Tactic3D Control Panel"=C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe [2014-07-03 2091008]

C:\Users\Matouskovi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
TornTvDownloader.lnk - C:\Users\Matouskovi\AppData\Roaming\TornTV.com\TornTV Downloader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Users\ESTERK~1\AppData\Local\Linkey\IEEXTE~1\iedll64.dll C:\PROGRA~3\INTERE~1\INTERE~2.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\Windows\SysWOW64\tsc2_codec64.dll
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-02-15 12:55:25 ----D---- C:\rsit
2015-02-15 12:55:25 ----D---- C:\Program Files\trend micro
2015-02-10 11:35:41 ----D---- C:\ProgramData\ChampionDeals
2015-02-08 11:05:52 ----D---- C:\Program Files (x86)\FFLExibleSShOuPpere
2015-02-08 11:05:42 ----D---- C:\Program Files (x86)\SMeAartCOmpare
2015-02-08 11:05:37 ----D---- C:\Program Files (x86)\Bubble Elements
2015-02-07 17:05:16 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2015-02-03 18:13:02 ----D---- C:\ProgramData\SuperManCoupon
2015-01-28 13:51:45 ----D---- C:\Program Files (x86)\saveoRoinn
2015-01-28 13:51:10 ----D---- C:\ProgramData\clfaldpgocbhophahlbklehlilcogebk
2015-01-28 13:51:04 ----D---- C:\Program Files (x86)\One Number
2015-01-28 13:30:44 ----D---- C:\Program Files (x86)\savinshhop
2015-01-28 13:30:32 ----D---- C:\Program Files (x86)\ttoopdeal
2015-01-18 13:18:11 ----D---- C:\ProgramData\AppptoUo

======List of files/folders modified in the last 1 month======

2015-02-15 12:55:25 ----RD---- C:\Program Files
2015-02-15 12:55:04 ----D---- C:\Windows\temp
2015-02-15 12:19:28 ----D---- C:\Windows\system32\Tasks
2015-02-15 11:49:59 ----D---- C:\Windows\system32\config
2015-02-15 11:21:49 ----D---- C:\Windows\System32
2015-02-15 11:21:49 ----D---- C:\Windows\inf
2015-02-15 11:21:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-15 11:15:35 ----D---- C:\ProgramData\NVIDIA
2015-02-14 20:29:56 ----D---- C:\Program Files (x86)\Opera
2015-02-13 19:12:39 ----SHD---- C:\System Volume Information
2015-02-11 20:18:33 ----D---- C:\Windows\SysWOW64
2015-02-11 20:18:19 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2015-02-11 16:51:33 ----D---- C:\Windows\system32\NDF
2015-02-10 11:35:41 ----D---- C:\ProgramData
2015-02-10 11:17:26 ----D---- C:\Windows\system32\catroot2
2015-02-08 11:06:00 ----D---- C:\ProgramData\14747293520112485990UL
2015-02-08 11:05:52 ----RD---- C:\Program Files (x86)
2015-02-07 17:08:24 ----D---- C:\ProgramData\FineeDealSOffti
2015-02-07 17:05:34 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-01-29 19:37:12 ----D---- C:\ProgramData\TperfeectcoUpon
2015-01-25 17:44:37 ----D---- C:\Users\Matouskovi\AppData\Roaming\TS3Client
2015-01-22 17:47:49 ----D---- C:\Users\Matouskovi\AppData\Roaming\Spy Emergency
2015-01-18 13:19:04 ----D---- C:\ProgramData\cca8e95270b98666
2015-01-17 18:59:50 ----D---- C:\Users\Matouskovi\AppData\Roaming\Skype
2015-01-16 16:35:47 ----D---- C:\Users\Matouskovi\AppData\Roaming\.minecraft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 268512]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 RzFilter;RzFilter; C:\Windows\system32\drivers\RzFilter.sys [2014-02-21 74432]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-11-09 386680]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-11-10 283064]
R1 SpyEmrg;Spy Emergency Driver; C:\Windows\System32\Drivers\spyemrg.sys [2011-04-21 17240]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [2013-12-11 16056]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\Windows\system32\drivers\LMIRfsDriver.sys [2011-09-16 72216]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 133928]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys [2011-09-16 11552]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2014-03-20 197408]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-09-28 39200]
R3 SpyEmrgGuard;Spy Emergency Real-Time Shield Driver; C:\Windows\System32\Drivers\spyemrg_guard.sys [2011-04-21 18776]
S1 F06DEFF2-5B9C-490D-910F-35D3A9119622;F06DEFF2-5B9C-490D-910F-35D3A9119622; \??\C:\Program Files (x86)\Settings Manager\smdmf\x64\smdmfmgrc2.cfg []
S3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-04-23 497152]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 SpyEmrgAccess;Spy Emergency OnAccess Driver; C:\Windows\System32\Drivers\spyemrg_access.sys [2011-04-21 24408]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 UHSfiltv;UHSfiltv; C:\Windows\system32\drivers\UHSfiltv.sys [2013-05-31 23552]
S3 WinUsb;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\Windows\system32\drivers\LMIRfsClientNP.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 0c632643;Interenet Optimizer; C:\Windows\syswow64\rundll32.exe [2009-07-14 44544]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2011-10-19 423424]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2014-08-22 9216]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2014-11-03 376168]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 23808]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-11-08 15125280]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-03-04 922968]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-11-08 1914656]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-07-22 76888]
R2 SpyEmrgSrv;Spy Emergency Engine Service; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe [2013-03-11 3284008]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-03-04 411936]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2015-02-09 5249808]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 347872]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-01-23 834752]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 EslWireHelper;ESL Wire Helper Service; C:\Program Files\EslWire\service\WireHelperSvc.exe []
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-01-07 68608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-14 116648]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -s []
S2 IePluginServices;IePlugin Services; C:\ProgramData\IePluginServices\PluginService.exe -service []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S2 SmdmFService;SmdmF Service; C:\Program Files (x86)\Settings Manager\smdmf\SmdmFService.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-07 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2014-08-13 448384]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-01-07 68608]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-14 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 111616]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-11-07 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

[vyosek]

Zdravim

Podobny bordel si muzete nainstalovat jako nabizene doplnky k legitimnim programum - vizte ukazky zde http://forum.viry.cz/viewtopic.php?f=24&t=142553

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Po spusteni probehne stazeni databaze
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  resethosts;
  emptyclsid;
  IEdefaults;
  FFdefaults;
  CHRdefaults;
  emptyIEcache;
  emptyFFcache;
  emptyCHRcache;
  emptyalltemp;
  emptyflash;
  emptyjava;
  emptyrecycle.bin;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[petal219]

Adw cleaner log:
# AdwCleaner v4.110 - Logfile created 15/02/2015 at 13:19:41
# Updated 05/02/2015 by Xplode
# Database : 2015-02-05.2 [Local]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Matouskovi - MATOUSKOVI-PC
# Running from : C:\Users\Matouskovi\Desktop\adwcleaner_4.110.exe
# Option : Cleaning

***** [ Services ] *****

[#] Service Deleted : F06DEFF2-5B9C-490D-910F-35D3A9119622
[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
[#] Service Deleted : IePluginServices
[#] Service Deleted : SmdmFService

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\374311380
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\IePluginServices
[!] Folder Deleted : C:\ProgramData\Interenet Optimizer
Folder Deleted : C:\ProgramData\SecTaskMan
Folder Deleted : C:\ProgramData\smdmf
Folder Deleted : C:\ProgramData\topdeal
Folder Deleted : C:\ProgramData\getthediscount
Folder Deleted : C:\ProgramData\lowpricesapp
Folder Deleted : C:\ProgramData\SoftCoup
Folder Deleted : C:\ProgramData\SaverAddon
Folder Deleted : C:\ProgramData\shopndrop
Folder Deleted : C:\ProgramData\FineeDealSOffti
Folder Deleted : C:\ProgramData\SuperManCoupon
Folder Deleted : C:\ProgramData\TperfeectcoUpon
Folder Deleted : C:\ProgramData\14747293520112485990UL
Folder Deleted : C:\ProgramData\cca8e95270b98666
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\Settings Manager
Folder Deleted : C:\Program Files (x86)\Radio Canyon
Folder Deleted : C:\Program Files (x86)\Internet Speed Checker
Folder Deleted : C:\Users\EsterkaPú\AppData\Local\globalUpdate
Folder Deleted : C:\Users\EsterkaPú\AppData\Local\Linkey
Folder Deleted : C:\Users\EsterkaPú\AppData\Roaming\FirefoxToolbar
Folder Deleted : C:\Users\EsterkaPú\AppData\Roaming\RHEng
Folder Deleted : C:\Users\Gianluca\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Gianluca\AppData\Local\SoftonicAssistant
Folder Deleted : C:\Users\Gianluca\AppData\LocalLow\Radio Canyon
Folder Deleted : C:\Users\Matouskovi\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Matouskovi\AppData\Local\WinRST
Folder Deleted : C:\Users\Matouskovi\AppData\LocalLow\Radio Canyon
Folder Deleted : C:\Users\Matouskovi\AppData\LocalLow\Internet Speed Checker
Folder Deleted : C:\Users\Matouskovi\Documents\Optimizer Pro
Folder Deleted : C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\Extensions\extension@linkeyproject.com
Folder Deleted : C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\Extensions\faststartff@gmail.com
Folder Deleted : C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\Extensions\sepherdwilbur@aol.com
Folder Deleted : C:\Users\Gianluca\AppData\Roaming\Mozilla\Firefox\Profiles\48szkt78.default\Extensions\sepherdwilbur@aol.com
Folder Deleted : C:\Users\Jindřiška\AppData\Roaming\Mozilla\Firefox\Profiles\9nj1kh0k.default\Extensions\sepherdwilbur@aol.com
Folder Deleted : C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\Extensions\sepherdwilbur@aol.com
Folder Deleted : C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Folder Deleted : C:\Users\Gianluca\AppData\Roaming\Mozilla\Firefox\Profiles\48szkt78.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Folder Deleted : C:\Users\Jindřiška\AppData\Roaming\Mozilla\Firefox\Profiles\9nj1kh0k.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Folder Deleted : C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\Extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com
Folder Deleted : C:\Users\Gianluca\AppData\Roaming\Mozilla\Firefox\Profiles\48szkt78.default\Extensions\H@WMwGwZjR.org
Folder Deleted : C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\Extensions\H@WMwGwZjR.org
Folder Deleted : C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\Extensions\bjEWFzQQnQ@2.com
Folder Deleted : C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\Extensions\h@Zo3VB0.org
Folder Deleted : C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\Extensions\j88uM@vlXeY.org
Folder Deleted : C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\Extensions\jaHk@K.edu
Folder Deleted : C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\Extensions\Pk8aU@Ufp0H0.edu
Folder Deleted : C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\Extensions\RK@hFGbCFuJN.net
Folder Deleted : C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\Extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
Folder Deleted : C:\Users\Gianluca\AppData\Roaming\Mozilla\Firefox\Profiles\48szkt78.default\Extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
Folder Deleted : C:\Users\Jindřiška\AppData\Roaming\Mozilla\Firefox\Profiles\9nj1kh0k.default\Extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
Folder Deleted : C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\Extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
Folder Deleted : C:\Users\EsterkaPú\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah
Folder Deleted : C:\Users\Jindřiška\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah
Folder Deleted : C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah
Folder Deleted : C:\Users\EsterkaPú\AppData\Local\Google\Chrome\User Data\Default\Extensions\jliolpcnkmolaaecncdfeofombdekjcp
Folder Deleted : C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\jliolpcnkmolaaecncdfeofombdekjcp
Folder Deleted : C:\Users\Jindřiška\AppData\Local\Google\Chrome\User Data\Default\Extensions\jliolpcnkmolaaecncdfeofombdekjcp
Folder Deleted : C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\jliolpcnkmolaaecncdfeofombdekjcp
Folder Deleted : C:\Users\EsterkaPú\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcijkonhppildbjgkdaglmeoeemcldha
Folder Deleted : C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcijkonhppildbjgkdaglmeoeemcldha
Folder Deleted : C:\Users\Jindřiška\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcijkonhppildbjgkdaglmeoeemcldha
Folder Deleted : C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcijkonhppildbjgkdaglmeoeemcldha
Folder Deleted : C:\Users\EsterkaPú\AppData\Roaming\Opera Software\Opera Stable\Extensions\bbglkiiiofelplniblholffbhhjmdhhi
Folder Deleted : C:\Users\Matouskovi\AppData\Roaming\Opera Software\Opera Stable\Extensions\bbglkiiiofelplniblholffbhhjmdhhi
File Deleted : C:\Users\EsterkaPú\AppData\LocalLow\SkwConfig.bin
File Deleted : C:\Users\Jindřiška\AppData\LocalLow\SkwConfig.bin
File Deleted : C:\Users\Matouskovi\AppData\LocalLow\SkwConfig.bin
File Deleted : C:\Users\Matouskovi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TornTvDownloader.lnk
File Deleted : C:\Users\Gianluca\AppData\Roaming\Mozilla\Firefox\Profiles\48szkt78.default\invalidprefs.js
File Deleted : C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\searchplugins\default-search.xml
File Deleted : C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js
File Deleted : C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\user.js
File Deleted : C:\Users\EsterkaPú\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Jindřiška\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\EsterkaPú\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Jindřiška\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\EsterkaPú\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage-journal
File Deleted : C:\Users\EsterkaPú\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
File Deleted : C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
File Deleted : C:\Users\Jindřiška\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
File Deleted : C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
File Deleted : C:\Users\EsterkaPú\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Jindřiška\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\EsterkaPú\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage
File Deleted : C:\Users\EsterkaPú\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage
File Deleted : C:\Users\EsterkaPú\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage-journal

***** [ Scheduled tasks ] *****

Task Deleted : EPUpdater
Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : 307579cc-108b-4551-9f7f-cbd042fabf42-1
Task Deleted : 307579cc-108b-4551-9f7f-cbd042fabf42-11
Task Deleted : 307579cc-108b-4551-9f7f-cbd042fabf42-4
Task Deleted : 307579cc-108b-4551-9f7f-cbd042fabf42-5
Task Deleted : 307579cc-108b-4551-9f7f-cbd042fabf42-5_user
Task Deleted : 307579cc-108b-4551-9f7f-cbd042fabf42-6
Task Deleted : 307579cc-108b-4551-9f7f-cbd042fabf42-7
Task Deleted : bbac79df-f3bf-4ebc-98c7-8c8e65597d04-1
Task Deleted : bbac79df-f3bf-4ebc-98c7-8c8e65597d04-11
Task Deleted : bbac79df-f3bf-4ebc-98c7-8c8e65597d04-4
Task Deleted : bbac79df-f3bf-4ebc-98c7-8c8e65597d04-5
Task Deleted : bbac79df-f3bf-4ebc-98c7-8c8e65597d04-5_user
Task Deleted : bbac79df-f3bf-4ebc-98c7-8c8e65597d04-6
Task Deleted : bbac79df-f3bf-4ebc-98c7-8c8e65597d04-7

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Matouskovi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Matouskovi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Matouskovi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Torntv Downloader]
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Classes\SettingsManagerIEHelper.DNSGuard.1
Key Deleted : HKLM\SOFTWARE\Classes\SettingsManagerIEHelper.DNSGuard
Key Deleted : HKLM\SOFTWARE\Classes\AppID\iedll.dll
Key Deleted : HKCU\Software\Mozilla\Extends
Key Deleted : HKLM\SOFTWARE\Classes\.
Key Deleted : HKLM\SOFTWARE\Classes\..9
Key Deleted : HKLM\SOFTWARE\Classes\SaverAddon.SaverAddon
Key Deleted : HKLM\SOFTWARE\Classes\SaverAddon.SaverAddon.9
Key Deleted : HKLM\SOFTWARE\Classes\P2c069121_6399_4df6_a468_915a295e5b6f_.P2c069121_6399_4df6_a468_915a295e5b6f_
Key Deleted : HKLM\SOFTWARE\Classes\P2c069121_6399_4df6_a468_915a295e5b6f_.P2c069121_6399_4df6_a468_915a295e5b6f_.9
Key Deleted : HKLM\SOFTWARE\Classes\finedeal.finedeal
Key Deleted : HKLM\SOFTWARE\Classes\finedeal.finedeal.9
Key Deleted : HKLM\SOFTWARE\Classes\P9a3c7949_e4de_4883_b8d4_4ea0f4c070b4_.P9a3c7949_e4de_4883_b8d4_4ea0f4c070b4_
Key Deleted : HKLM\SOFTWARE\Classes\P9a3c7949_e4de_4883_b8d4_4ea0f4c070b4_.P9a3c7949_e4de_4883_b8d4_4ea0f4c070b4_.9
Key Deleted : HKLM\SOFTWARE\Classes\Pb3af377a_3d15_4510_8f78_59a13ed712de_.Pb3af377a_3d15_4510_8f78_59a13ed712de_
Key Deleted : HKLM\SOFTWARE\Classes\Pb3af377a_3d15_4510_8f78_59a13ed712de_.Pb3af377a_3d15_4510_8f78_59a13ed712de_.9
Key Deleted : HKLM\SOFTWARE\Classes\Pf1f7024a_77b2_4c52_9c3d_0144c7944261_.Pf1f7024a_77b2_4c52_9c3d_0144c7944261_
Key Deleted : HKLM\SOFTWARE\Classes\Pf1f7024a_77b2_4c52_9c3d_0144c7944261_.Pf1f7024a_77b2_4c52_9c3d_0144c7944261_.9
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{c632643}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6A7CD9EC-D8BD-4340-BCD0-77C09A282921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E1842850-FB16-4471-B327-7343FBAED55C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{14c33b96-8815-4889-ac5a-c8e22abc8fbd}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19766f37-672d-4037-b893-7b3d120febb9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2c069121-6399-4df6-a468-915a295e5b6f}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{50d8d9ec-a74b-4a3b-8c6b-7ed89d624aa2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9a3c7949-e4de-4883-b8d4-4ea0f4c070b4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{b3af377a-3d15-4510-8f78-59a13ed712de}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{f1f7024a-77b2-4c52-9c3d-0144c7944261}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611081104}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611171152}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622082204}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622172252}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AA760BA8-5862-4BC5-9263-4452CBC0B264}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4613B1C1-FBC0-43C3-A4B9-B1D6CD360BB3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655085504}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655175552}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666086604}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666176652}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{726E90BE-DC22-4965-B215-E0784DC26F47}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93D511B5-143B-4A99-ABFC-B5B78AD0AE1B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{079E2F0F-FCA0-4163-BC82-5355B879E86E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{230332DF-D235-47EE-BC42-60860EF144CD}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AEF2BB85-DF75-41E2-8366-FB89A5F869F9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E0D6077D-7186-48B2-A6C6-2F7C533E8CFF}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644084404}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644174452}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{14c33b96-8815-4889-ac5a-c8e22abc8fbd}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{19766f37-672d-4037-b893-7b3d120febb9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2c069121-6399-4df6-a468-915a295e5b6f}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{50d8d9ec-a74b-4a3b-8c6b-7ed89d624aa2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9a3c7949-e4de-4883-b8d4-4ea0f4c070b4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b3af377a-3d15-4510-8f78-59a13ed712de}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f1f7024a-77b2-4c52-9c3d-0144c7944261}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611081104}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611171152}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{14c33b96-8815-4889-ac5a-c8e22abc8fbd}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{19766f37-672d-4037-b893-7b3d120febb9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2c069121-6399-4df6-a468-915a295e5b6f}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{50d8d9ec-a74b-4a3b-8c6b-7ed89d624aa2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9a3c7949-e4de-4883-b8d4-4ea0f4c070b4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{b3af377a-3d15-4510-8f78-59a13ed712de}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{f1f7024a-77b2-4c52-9c3d-0144c7944261}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611081104}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611171152}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{14c33b96-8815-4889-ac5a-c8e22abc8fbd}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{19766f37-672d-4037-b893-7b3d120febb9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2c069121-6399-4df6-a468-915a295e5b6f}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{50d8d9ec-a74b-4a3b-8c6b-7ed89d624aa2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9a3c7949-e4de-4883-b8d4-4ea0f4c070b4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{b3af377a-3d15-4510-8f78-59a13ed712de}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{f1f7024a-77b2-4c52-9c3d-0144c7944261}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110611081104}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110611171152}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{14c33b96-8815-4889-ac5a-c8e22abc8fbd}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{19766f37-672d-4037-b893-7b3d120febb9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2c069121-6399-4df6-a468-915a295e5b6f}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{50d8d9ec-a74b-4a3b-8c6b-7ed89d624aa2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9a3c7949-e4de-4883-b8d4-4ea0f4c070b4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{b3af377a-3d15-4510-8f78-59a13ed712de}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{f1f7024a-77b2-4c52-9c3d-0144c7944261}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E1842850-FB16-4471-B327-7343FBAED55C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{14c33b96-8815-4889-ac5a-c8e22abc8fbd}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{19766f37-672d-4037-b893-7b3d120febb9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{2c069121-6399-4df6-a468-915a295e5b6f}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{50d8d9ec-a74b-4a3b-8c6b-7ed89d624aa2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{9a3c7949-e4de-4883-b8d4-4ea0f4c070b4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{b3af377a-3d15-4510-8f78-59a13ed712de}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{f1f7024a-77b2-4c52-9c3d-0144c7944261}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611081104}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611171152}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622082204}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622172252}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AA760BA8-5862-4BC5-9263-4452CBC0B264}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4613B1C1-FBC0-43C3-A4B9-B1D6CD360BB3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655085504}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655175552}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666086604}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666176652}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{14c33b96-8815-4889-ac5a-c8e22abc8fbd}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{19766f37-672d-4037-b893-7b3d120febb9}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2c069121-6399-4df6-a468-915a295e5b6f}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{50d8d9ec-a74b-4a3b-8c6b-7ed89d624aa2}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9a3c7949-e4de-4883-b8d4-4ea0f4c070b4}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b3af377a-3d15-4510-8f78-59a13ed712de}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f1f7024a-77b2-4c52-9c3d-0144c7944261}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611081104}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611171152}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\Bitberry
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\TornTv Downloader
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Radio Canyon
Key Deleted : HKCU\Software\AppDataLow\Software\Internet Speed Checker
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\Pirrit
Key Deleted : HKLM\SOFTWARE\SmdmF
Key Deleted : HKLM\SOFTWARE\WinUpd
Key Deleted : HKLM\SOFTWARE\SI-App
Key Deleted : HKLM\SOFTWARE\RST
Key Deleted : HKLM\SOFTWARE\Radio Canyon
Key Deleted : HKLM\SOFTWARE\mystartsearchSoftware
Key Deleted : HKLM\SOFTWARE\Internet Speed Checker
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Radio Canyon
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7540FDBD-7FDC-30AE-3778-815CB87DBE46}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Speed Checker
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{10A0E600-D246-BD63-F465-4C849C688998}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7E7FAE3D-3358-D280-8DBF-E8E2D94326D1}
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\Pirrit
Key Deleted : [x64] HKLM\SOFTWARE\WinUpd
Key Deleted : [x64] HKLM\SOFTWARE\SI-App
Key Deleted : [x64] HKLM\SOFTWARE\RST
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\users\esterk~1\appdata\local\linkey\ieexte~1\iedll.dll
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\intere~1\intere~1.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\Users\ESTERK~1\AppData\Local\Linkey\IEEXTE~1\iedll64.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~3\INTERE~1\INTERE~2.DLL
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mystartsearch.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.mystartsearch.com

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17041

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [First Home Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v32.0 (x86 cs)

[4xafesmr.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.gboxapp.com/");
[4xafesmr.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "default-search.net");
[4xafesmr.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "default-search.net");
[4xafesmr.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "default-search.net");
[4xafesmr.default\prefs.js] - Line Deleted : user_pref("keyword.URL", "hxxp://www.default-search.net/search?sid=503&a ... &src=ds&p=");
[48szkt78.default\prefs.js] - Line Deleted : user_pref("extensions.asepherdwilburaolcom61752.61752.internaldb.Resources_meta.value", "%7B%22images/icon_255x255.png%22%3A%7B%22id%22%3A750126%2C%22ver%22%3A1%2C%22status%22%3A1%2C%22name%22%3A%22im[...]
[48szkt78.default\prefs.js] - Line Deleted : user_pref("extensions.asepherdwilburaolcom61752.61752.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22dealply_p%22%3A%7B%22urls[...]
[48szkt78.default\prefs.js] - Line Deleted : user_pref("extensions.crossrider.bic", "149eb37bf0d1a20178c1ccac85cf93fa");
[48szkt78.default\prefs.js] - Line Deleted : user_pref("extensions.y08EOSsfw3uPCNzY.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.index[...]
[9nj1kh0k.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.gboxapp.com/");
[smscr827.default\prefs.js] - Line Deleted : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[smscr827.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.gboxapp.com/");
[smscr827.default\prefs.js] - Line Deleted : user_pref("extensions.ZgWmEyiUpYL69Esn.url", "hxxp://liversy.info/sync2/?q=hfZ9oeqEAGhEAen0qHC6tMqLDe49CNU0n8OMCMlNhd9FqdwGrTnGrjwErjkMBzqUojw8rdwGqHw5qdYHqch7hfs0pihPBMn0rTw9qHn5rHg9qGhHC7n0qTnGqjw6p[...]
[smscr827.default\prefs.js] - Line Deleted : user_pref("extensions.a1853a82ece444a8ca6fe9bcf74a655754b6b1c165f0a4ef0866fb063e235ef97com60804.60804.internaldb.Resources_meta.value", "%7B%22popup.html%22%3A%7B%22id%22%3A954465%2C%22ver%22%3A12%2C%[...]
[smscr827.default\prefs.js] - Line Deleted : user_pref("extensions.a1853a82ece444a8ca6fe9bcf74a655754b6b1c165f0a4ef0866fb063e235ef97com60804.60804.internaldb.Resources_resource_954465.value", "%22%3C%21DOCTYPE%20html%3E%5Cr%5Cn%3Chtml%3E%5Cr%5Cn[...]
[smscr827.default\prefs.js] - Line Deleted : user_pref("extensions.a1853a82ece444a8ca6fe9bcf74a655754b6b1c165f0a4ef0866fb063e235ef97com60804.60804.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
[smscr827.default\prefs.js] - Line Deleted : user_pref("extensions.aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311.63311.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7[...]
[smscr827.default\prefs.js] - Line Deleted : user_pref("extensions.asepherdwilburaolcom61752.61752.internaldb.Resources_meta.value", "%7B%22images/icon_255x255.png%22%3A%7B%22id%22%3A750126%2C%22ver%22%3A1%2C%22status%22%3A1%2C%22name%22%3A%22im[...]
[smscr827.default\prefs.js] - Line Deleted : user_pref("extensions.asepherdwilburaolcom61752.61752.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22dealply_p%22%3A%7B%22urls[...]
[smscr827.default\prefs.js] - Line Deleted : user_pref("extensions.crossrider.bic", "149903b77d54e51cecbc78d2ef4b9b48");
[smscr827.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.enable_search1", false);
[smscr827.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);

-\\ Google Chrome v39.0.2171.71

[C:\Users\EsterkaPú\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}
[C:\Users\EsterkaPú\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1750559
[C:\Users\EsterkaPú\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://mystart.incredibar.com/mb139/?loc=IB_DS&search={searchTerms}&a=6R8q0a5uB1&i=26
[C:\Users\EsterkaPú\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://mystart.incredibar.com/mb139/?loc=IB_DS&search={searchTerms}&a=6R8q0a5uB1&i=26
[C:\Users\EsterkaPú\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www1.delta-search.com/?q={searchTerms}&affID=119529&babsrc=SP_ss&mntrId=50EA001EC94DEC92
[C:\Users\EsterkaPú\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : fpmeembnagmagppkgghhfjfdfajdfcah
[C:\Users\EsterkaPú\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : jliolpcnkmolaaecncdfeofombdekjcp
[C:\Users\EsterkaPú\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : fcijkonhppildbjgkdaglmeoeemcldha
[C:\Users\EsterkaPú\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Homepage] : hxxp://search.gboxapp.com/
[C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : fpmeembnagmagppkgghhfjfdfajdfcah
[C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : jliolpcnkmolaaecncdfeofombdekjcp
[C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : fcijkonhppildbjgkdaglmeoeemcldha
[C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Homepage] : hxxp://search.gboxapp.com/
[C:\Users\Jindřiška\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : fpmeembnagmagppkgghhfjfdfajdfcah
[C:\Users\Jindřiška\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : jliolpcnkmolaaecncdfeofombdekjcp
[C:\Users\Jindřiška\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : fcijkonhppildbjgkdaglmeoeemcldha
[C:\Users\Jindřiška\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Homepage] : hxxp://search.gboxapp.com/
[C:\Users\Jindřiška\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Startup_URLs] : hxxp://search.gboxapp.com/
[C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
[C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
[C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
[C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
[C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : fpmeembnagmagppkgghhfjfdfajdfcah
[C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : jliolpcnkmolaaecncdfeofombdekjcp
[C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : fcijkonhppildbjgkdaglmeoeemcldha
[C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Homepage] : hxxp://search.gboxapp.com/
[C:\Users\Matouskovi\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://mystart.incredibar.com/mb201/?loc=IB_DS&search={searchTerms}&a=6Oz0h0D3Jh&i=26
[C:\Users\Matouskovi\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://mystart.incredibar.com/mb201/?loc=IB_DS&search={searchTerms}&a=6Oz0h0D3Jh&i=26

-\\ Opera v27.0.1689.69

[C:\Users\EsterkaPú\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}
[C:\Users\EsterkaPú\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1750559
[C:\Users\EsterkaPú\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://mystart.incredibar.com/mb139/?loc=IB_DS&search={searchTerms}&a=6R8q0a5uB1&i=26
[C:\Users\EsterkaPú\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://mystart.incredibar.com/mb139/?loc=IB_DS&search={searchTerms}&a=6R8q0a5uB1&i=26
[C:\Users\EsterkaPú\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www1.delta-search.com/?q={searchTerms}&affID=119529&babsrc=SP_ss&mntrId=50EA001EC94DEC92
[C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
[C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
[C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
[C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
[C:\Users\Matouskovi\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://mystart.incredibar.com/mb201/?loc=IB_DS&search={searchTerms}&a=6Oz0h0D3Jh&i=26
[C:\Users\Matouskovi\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://mystart.incredibar.com/mb201/?loc=IB_DS&search={searchTerms}&a=6Oz0h0D3Jh&i=26

*************************

AdwCleaner[R1].txt - [49790 bytes] - [15/02/2015 13:16:20]
AdwCleaner[S1].txt - [45437 bytes] - [15/02/2015 13:19:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [45497 bytes] ##########

[vyosek]

Nedavejte logy do "quote"

Pokracujte Zoek-em

[petal219]

zoek se odmítá spustit

[vyosek]

Dejte tedy FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

[petal219]

zoek se spustil ale již 20minut běží ale příjde mi že neuvěřitelně pomalu

[petal219]

zde je prozatimní průběh zoeku:
Zoek.exe v5.0.0.0 Updated 15-February-2015
Tool run by Matouskovi on ne 15.02.2015 at 14:10:07,22.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Matouskovi\Desktop\zoek.exe [Scan all users] [Script inserted]

===== Runcheck 14:13:00,91 =====

--- Create Environment Variables 14:13:02,56
--- Checking Input 14:13:12,50
--- Reset Hosts File 14:13:18,67
--- AU AppData Check 14:13:19,09
--- Remove From Windows Installer 14:13:22,40
--- Registry HKLM Software Check 14:14:33,41
--- StartMenuInternet Check 14:14:43,04
--- Quick Launch Shortcut Check 14:14:47,28
--- IE Startpage Check 14:14:50,18
--- Program Files DB Check 14:15:47,08
--- C:\Users\Default\AppData\Roaming DB Check 14:21:23,54
--- C:\Users\Default User\AppData\Roaming DB Check 14:21:23,54
--- C:\Users\Gianluca\AppData\Roaming DB Check 14:21:23,54
--- C:\Users\Matouskovi\AppData\Roaming DB Check 14:21:23,54
--- C:\Users\UpdatusUser\AppData\Roaming DB Check 14:21:23,54
--- C:\Windows\SysNative\config\systemprofile\AppData\Roaming DB Check 14:21:23,54
--- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming DB Check 14:21:23,54
--- C:\Windows\serviceprofiles\networkservice\AppData\Roaming DB Check 14:21:23,54
--- C:\Windows\serviceprofiles\Localservice\AppData\Roaming DB Check 14:21:23,54
--- C:\Users\Matouskovi DB Check 14:23:32,52

[vyosek]

Ono mu to obcas trva Tak jej zatim nechte a uvidime, kdyby se sekl na vic jak 30 min bez zadneho radku, tak jej ukoncete a dejte FRST

[petal219]

FRST log (s běžícím zoekem) zoek zatím jakž takž pracuje
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-02-2015
Ran by Matouskovi (administrator) on MATOUSKOVI-PC on 15-02-2015 14:35:42
Running from C:\Users\Matouskovi\Desktop
Loaded Profiles: Matouskovi & UpdatusUser (Available profiles: Matouskovi & EsterkaPú & Jindřiška & Gianluca & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Hi-Rez Studios) D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
(NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyWow64.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Users\Matouskovi\Desktop\zoek.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Matouskovi\AppData\Local\Temp\PEVZ.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Matouskovi\Desktop\FRSTLauncher (2).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [151552 2013-06-29] (IvoSoft)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2011-09-16] (LogMeIn, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Sound Blaster Tactic3D Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe [2091008 2014-07-03] (Creative Technology Ltd)
HKU\S-1-5-21-1528716315-3860698994-2152196103-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1528716315-3860698994-2152196103-1000\...\Run: [SpyEmergency] => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe [3231032 2013-10-03] (NETGATE Technologies s.r.o.)
HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\...\RunOnce: [ProdReg] => C:\Program Files (x86)\Creative\Product Registration\ProdReg.exe [1690112 2014-02-24] (Creative Technology Ltd)
HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\...\RunOnce: [CTPostBootSequencer] => "C:\Users\MATOUS~1\AppData\Local\Temp\CTPBSeq.exe" /reglaunch /self_destruct <===== ATTENTION
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1528716315-3860698994-2152196103-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1528716315-3860698994-2152196103-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-1528716315-3860698994-2152196103-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID= ... 12454&OSP=
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000 -> {05EF0A21-C92E-4743-8E39-730E26024039} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000 -> {48FB8B09-5758-462C-971F-8241120BC74F} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000 -> {4F833CAA-94E3-40C1-BE60-4F3FBA29F155} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000 -> {7FB123D2-EA11-4D13-B9B7-18D27F58A421} URL = http://www.novinky.cz/hledej?w={searchT ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000 -> {96382310-48A0-4DDF-AD92-613B8A5CB223} URL = http://www.mapy.cz/?query={searchTerms} ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000 -> {B698D1D6-D6AF-4397-8E21-CAC7D387B574} URL = http://www.google.cz/search?q={searchTe ... {startPage}
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000 -> {CDBF616F-FE64-4FDF-BE82-9D58616AA328} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000 -> {CE67BA7D-24B5-4481-AFB4-48B896032C3A} URL = http://search.seznam.cz/?q={searchTerms ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000 -> {DC303589-C36F-4BB1-8484-B5FAC272634A} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000 -> {E5C3AF93-9698-4585-A13D-2D96003B49F5} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {05EF0A21-C92E-4743-8E39-730E26024039} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {48FB8B09-5758-462C-971F-8241120BC74F} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {4F833CAA-94E3-40C1-BE60-4F3FBA29F155} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {7FB123D2-EA11-4D13-B9B7-18D27F58A421} URL = http://www.novinky.cz/hledej?w={searchT ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {96382310-48A0-4DDF-AD92-613B8A5CB223} URL = http://www.mapy.cz/?query={searchTerms} ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {B698D1D6-D6AF-4397-8E21-CAC7D387B574} URL = http://www.google.cz/search?q={searchTe ... {startPage}
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {CDBF616F-FE64-4FDF-BE82-9D58616AA328} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {CE67BA7D-24B5-4481-AFB4-48B896032C3A} URL = http://search.seznam.cz/?q={searchTerms ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {DC303589-C36F-4BB1-8484-B5FAC272634A} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {E5C3AF93-9698-4585-A13D-2D96003B49F5} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: ClassicIE9BHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIE9BHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.co ... 5.11.0.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\EsterkaPú\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1528716315-3860698994-2152196103-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Matouskovi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1528716315-3860698994-2152196103-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Extension: skipcerterrorfoudilfr - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\Extensions\skipcerterror@foudil.fr [2014-11-12]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: No Name - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\faststartff@gmail.com [Not Found]
FF Extension: No Name - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com [Not Found]
FF Extension: No Name - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com [Not Found]
FF Extension: No Name - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\sepherdwilbur@aol.com [Not Found]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (One Number) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfkohgkpafhkpdcnfadadcibfboapggi [2015-01-28]
CHR Extension: (Sprucemarks) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fakeocdnmmmnokabaiflppclocckihoj [2015-01-07]
CHR Extension: (Close Tabs) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gadafnnkijfmbbmeielphlapddbmgbgo [2014-12-13]
CHR Extension: (Chromium Updater) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcmicnfbmcjhlbdohdmdhfjlbigkcddl [2014-12-29]
CHR Extension: (Skype Click to Call) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-06-10]
CHR Extension: (Browse Faster) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ponhjlldbpnmeieenmaacddmlfpdielh [2015-01-18]
CHR Profile: C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Prezentace Google) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-19]
CHR Extension: (Dokumenty Google) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-19]
CHR Extension: (Disk Google) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-19]
CHR Extension: (YouTube) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-19]
CHR Extension: (Vyhledávání Google) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-19]
CHR Extension: (Bubble Elements) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fcijkonhppildbjgkdaglmeoeemcldha [2015-02-08]
CHR Extension: (Tabulky Google) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-19]
CHR Extension: (Skype Click to Call) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-01-19]
CHR Extension: (Gmail) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-19]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]

Opera:
=======
OPR Extension: (Radio Canyon) - C:\Users\Matouskovi\AppData\Roaming\Opera Software\Opera Stable\Extensions\bikofacodmhdpkfdeeocponfcgjcdfbk [2014-10-27]
StartMenuInternet: (HKLM) Opera - C:\Program Files (x86)\Opera\Opera.exe http://www.mystartsearch.com/?type=sc&t ... 3342433424

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2014-08-13] ()
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-19] (Creative Technology Ltd) [File not signed]
U2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-08-22] (Hi-Rez Studios) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376168 2014-11-03] (LogMeIn, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15125280 2013-11-08] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-07-22] ()
R2 SpyEmrgSrv; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe [3284008 2013-03-11] (NETGATE Technologies s.r.o.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 0c632643; "C:\Windows\system32\rundll32.exe" "c:\progra~3\intere~1\InterenetOptimizerSvc.dll",service
S2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [X]
S2 Hamachi2Svc; "D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ADIHdAudAddService; C:\Windows\System32\drivers\ADIHdAud.sys [497152 2009-04-23] (Analog Devices, Inc.) [File not signed]
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-10] (Disc Soft Ltd)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-12-11] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-28] (NVIDIA Corporation)
R0 RzFilter; C:\Windows\System32\drivers\RzFilter.sys [74432 2014-02-21] (Razer, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-11-09] (Duplex Secure Ltd.)
R1 SpyEmrg; C:\Windows\System32\Drivers\spyemrg.sys [17240 2011-04-21] (NETGATE Technologies s.r.o.)
S3 SpyEmrgAccess; C:\Windows\System32\Drivers\spyemrg_access.sys [24408 2011-04-21] (NETGATE Technologies s.r.o.)
R3 SpyEmrgGuard; C:\Windows\System32\Drivers\spyemrg_guard.sys [18776 2011-04-21] (NETGATE Technologies s.r.o.)
S3 UHSfiltv; C:\Windows\System32\drivers\UHSfiltv.sys [23552 2013-05-31] (Creative Technology Ltd.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-15 14:35 - 2015-02-15 14:36 - 00028061 _____ () C:\Users\Matouskovi\Desktop\FRST.txt
2015-02-15 14:35 - 2015-02-15 14:35 - 00000000 ____D () C:\FRST
2015-02-15 14:34 - 2015-02-15 14:33 - 02134528 _____ (Farbar) C:\Users\Matouskovi\Desktop\FRST64.exe
2015-02-15 14:33 - 2015-02-15 14:33 - 02134528 _____ (Farbar) C:\Users\Matouskovi\Downloads\FRST64.exe
2015-02-15 14:32 - 2015-02-15 14:32 - 00112640 _____ (forum.viry.cz) C:\Users\Matouskovi\Downloads\Nepotvrzeno 206061.crdownload
2015-02-15 14:32 - 2015-02-15 14:32 - 00112640 _____ (forum.viry.cz) C:\Users\Matouskovi\Downloads\Nepotvrzeno 149854.crdownload
2015-02-15 14:32 - 2015-02-15 14:32 - 00112640 _____ (forum.viry.cz) C:\Users\Matouskovi\Downloads\FRSTLauncher (2).exe
2015-02-15 14:32 - 2015-02-15 14:32 - 00112640 _____ (forum.viry.cz) C:\Users\Matouskovi\Desktop\FRSTLauncher (2).exe
2015-02-15 14:13 - 2015-02-15 14:07 - 00001333 _____ () C:\zoek-results2015-02-15-130727.log
2015-02-15 14:07 - 2015-02-15 13:28 - 00001806 _____ () C:\zoek-results2015-02-15-122826.log
2015-02-15 13:54 - 2015-02-15 13:54 - 00000021 _____ () C:\folders.log
2015-02-15 13:27 - 2014-06-10 15:12 - 00011186 _____ () C:\zoek-results2014-06-10-141202.log
2015-02-15 13:24 - 2015-02-15 14:36 - 00002487 _____ () C:\runcheck.txt
2015-02-15 13:24 - 2015-02-15 13:24 - 00000000 ____D () C:\zoek_backup
2015-02-15 13:23 - 2015-02-15 13:23 - 01304576 _____ () C:\Users\Matouskovi\Downloads\zoek.exe
2015-02-15 13:23 - 2015-02-15 13:23 - 01304576 _____ () C:\Users\Matouskovi\Desktop\zoek.exe
2015-02-15 13:16 - 2015-02-15 13:19 - 00000000 ____D () C:\AdwCleaner
2015-02-15 13:14 - 2015-02-15 13:14 - 02112512 _____ () C:\Users\Matouskovi\Desktop\adwcleaner_4.110.exe
2015-02-15 13:13 - 2015-02-15 13:14 - 02112512 _____ () C:\Users\Matouskovi\Downloads\adwcleaner_4.110.exe
2015-02-15 13:12 - 2015-02-15 13:13 - 00225167 _____ () C:\Users\Matouskovi\Downloads\avgremover.log
2015-02-15 13:12 - 2015-02-15 13:12 - 03681088 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Matouskovi\Downloads\avg_remover_stf_x64_2015_5501.exe
2015-02-15 12:55 - 2015-02-15 12:55 - 00000000 ____D () C:\rsit
2015-02-15 12:55 - 2015-02-15 12:55 - 00000000 ____D () C:\Program Files\trend micro
2015-02-15 12:54 - 2015-02-15 12:54 - 01222144 _____ () C:\Users\Matouskovi\Downloads\RSITx64.exe
2015-02-15 11:20 - 2015-02-15 11:20 - 00000020 _____ () C:\Users\EsterkaPú\AppData\Roaming\appdataFr3.bin
2015-02-10 11:17 - 2015-02-10 11:17 - 00000020 _____ () C:\Users\Jindřiška\AppData\Roaming\appdataFr3.bin
2015-02-09 15:08 - 2015-02-09 15:32 - 00982266 _____ () C:\Users\Matouskovi\Desktop\Nový Prezentace aplikace Microsoft PowerPoint (2).pptx
2015-02-07 17:05 - 2015-02-07 17:05 - 05070512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-02-07 16:37 - 2015-02-15 10:46 - 00000020 _____ () C:\Users\Matouskovi\AppData\Roaming\appdataFr3.bin
2015-02-01 19:34 - 2015-02-01 19:50 - 00000000 ____D () C:\Users\EsterkaPú\Desktop\LG
2015-02-01 19:32 - 2015-02-01 19:32 - 00000000 ____D () C:\Users\EsterkaPú\AppData\Roaming\dvdcss
2015-01-21 17:24 - 2015-01-21 17:24 - 01182978 _____ () C:\Users\Matouskovi\Downloads\Semeno.pptx
2015-01-18 13:15 - 2015-01-30 16:54 - 00000004 _____ () C:\Users\Matouskovi\AppData\Roaming\appdataFr2.bin
2015-01-17 17:01 - 2015-01-18 13:03 - 03613797 _____ () C:\Users\Matouskovi\Desktop\Nový Prezentace aplikace Microsoft PowerPoint.pptx

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-15 14:24 - 2014-06-21 09:09 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-15 14:16 - 2011-04-12 09:34 - 00668866 _____ () C:\Windows\system32\perfh005.dat
2015-02-15 14:16 - 2011-04-12 09:34 - 00141526 _____ () C:\Windows\system32\perfc005.dat
2015-02-15 14:16 - 2009-07-14 06:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-15 14:16 - 2009-07-14 05:45 - 00022080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-15 14:16 - 2009-07-14 05:45 - 00022080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-15 14:14 - 2012-11-07 17:08 - 01838828 _____ () C:\Windows\WindowsUpdate.log
2015-02-15 14:13 - 2014-06-10 14:59 - 00001382 _____ () C:\zoek-results.log
2015-02-15 14:09 - 2014-09-21 20:07 - 00095376 _____ () C:\Windows\setupact.log
2015-02-15 14:08 - 2014-09-28 11:28 - 00029130 _____ () C:\Windows\PFRO.log
2015-02-15 14:08 - 2014-06-21 09:09 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-15 14:08 - 2012-11-07 17:21 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-15 14:08 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-15 14:05 - 2014-07-09 08:05 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-15 13:19 - 2014-09-06 19:11 - 00000603 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-02-15 13:19 - 2014-09-06 19:11 - 00000603 _____ () C:\ProgramData\Desktop\Mozilla Firefox.lnk
2015-02-15 13:19 - 2014-04-12 18:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-15 13:19 - 2012-11-14 18:11 - 00000979 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-02-15 13:19 - 2012-11-07 17:09 - 00000979 _____ () C:\Users\Matouskovi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-15 12:19 - 2014-05-07 19:44 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2015-02-15 11:21 - 2013-10-24 13:33 - 00000000 ____D () C:\Users\EsterkaPú\AppData\Roaming\Seznam.cz
2015-02-14 20:58 - 2012-12-08 17:22 - 00004010 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{961A0EA5-CBA7-4758-9183-B4472D8FEEE8}
2015-02-14 20:29 - 2012-11-14 18:11 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-02-13 10:56 - 2012-11-23 11:26 - 00000000 ____D () C:\Users\Matouskovi\AppData\Local\CrashDumps
2015-02-11 20:18 - 2012-11-23 11:33 - 00281392 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2015-02-11 20:18 - 2012-11-22 19:43 - 00281392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-02-11 20:15 - 2014-03-26 13:14 - 00000000 ____D () C:\Users\Matouskovi\AppData\Local\Battle.net
2015-02-11 16:51 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-11 16:08 - 2014-06-23 17:26 - 00003840 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1379855388
2015-02-10 11:23 - 2013-01-05 20:18 - 00000000 ____D () C:\Users\Jindřiška\AppData\Roaming\Skype
2015-02-10 11:22 - 2013-11-06 08:04 - 00000000 ____D () C:\Users\Jindřiška\AppData\Roaming\Seznam.cz
2015-02-10 11:18 - 2013-04-10 07:09 - 00000000 ____D () C:\Users\Jindřiška\AppData\Local\CrashDumps
2015-02-09 15:32 - 2013-11-30 12:36 - 06286848 ___SH () C:\Users\Matouskovi\Desktop\Thumbs.db
2015-02-07 17:05 - 2012-11-07 17:15 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-07 17:05 - 2012-11-07 17:15 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-07 17:05 - 2012-11-07 17:15 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-01 19:32 - 2014-05-22 19:35 - 00000000 ____D () C:\Users\EsterkaPú\AppData\Roaming\vlc
2015-01-26 16:47 - 2014-12-12 21:07 - 00000000 ____D () C:\Users\Matouskovi\Desktop\hudba
2015-01-25 17:44 - 2012-12-21 12:55 - 00000000 ____D () C:\Users\Matouskovi\AppData\Roaming\TS3Client
2015-01-22 17:47 - 2015-01-08 19:40 - 00000000 ____D () C:\Users\Matouskovi\AppData\Roaming\Spy Emergency
2015-01-22 15:18 - 2015-01-05 19:48 - 04582264 _____ () C:\Users\Matouskovi\Desktop\TechnicLauncher.exe
2015-01-22 10:29 - 2013-06-22 12:44 - 00000000 ____D () C:\Users\Matouskovi\Documents\Soubory aplikace Outlook
2015-01-19 14:15 - 2012-11-22 19:43 - 00281392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2015-01-17 18:59 - 2012-11-20 18:21 - 00000000 ____D () C:\Users\Matouskovi\AppData\Roaming\Skype
2015-01-16 16:35 - 2013-03-24 18:44 - 00000000 ____D () C:\Users\Matouskovi\AppData\Roaming\.minecraft

==================== Files in the root of some directories =======

2015-01-18 13:15 - 2015-01-30 16:54 - 0000004 _____ () C:\Users\Matouskovi\AppData\Roaming\appdataFr2.bin
2015-02-07 16:37 - 2015-02-15 10:46 - 0000020 _____ () C:\Users\Matouskovi\AppData\Roaming\appdataFr3.bin
2014-11-08 19:30 - 2014-11-08 19:35 - 2051992 _____ (esc) C:\Users\Matouskovi\AppData\Roaming\GCAQWS.exe
2014-01-01 10:30 - 2014-01-17 06:55 - 0000027 _____ () C:\Users\Matouskovi\AppData\Roaming\mskviy.dat
2014-01-01 10:30 - 2014-01-16 11:02 - 0001747 _____ () C:\Users\Matouskovi\AppData\Roaming\mssdxk.dat
2014-02-19 19:19 - 2014-02-19 19:19 - 0000600 _____ () C:\Users\Matouskovi\AppData\Roaming\winscp.rnd
2014-11-08 19:31 - 2014-11-08 19:35 - 1561496 _____ (esc) C:\Users\Matouskovi\AppData\Roaming\XTZ.exe
2012-11-20 13:48 - 2014-05-29 12:04 - 0007168 _____ () C:\Users\Matouskovi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-09 13:16 - 2014-01-09 13:16 - 0000852 _____ () C:\Users\Matouskovi\AppData\Local\recently-used.xbel
2012-11-07 17:54 - 2014-05-30 20:04 - 0007642 _____ () C:\Users\Matouskovi\AppData\Local\Resmon.ResmonCfg
2014-04-21 09:57 - 2014-04-21 09:57 - 4685824 _____ () C:\ProgramData\ClassicShellSetup64_4_1_0.msi

Some content of TEMP:
====================
C:\Users\Gianluca\AppData\Local\Temp\pcspeedup.exe
C:\Users\Gianluca\AppData\Local\Temp\SimBundD.exe
C:\Users\Gianluca\AppData\Local\Temp\SoftonicAssistant_v0-1-6.exe
C:\Users\Matouskovi\AppData\Local\Temp\7za.exe
C:\Users\Matouskovi\AppData\Local\Temp\DaS_21.exe
C:\Users\Matouskovi\AppData\Local\Temp\EslWireSetup-1.18.0.8085-x64.exe
C:\Users\Matouskovi\AppData\Local\Temp\EslWireSetup-1.18.0.8101-x64.exe
C:\Users\Matouskovi\AppData\Local\Temp\hijackthis.exe
C:\Users\Matouskovi\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
C:\Users\Matouskovi\AppData\Local\Temp\HiRezLauncherControls.dll
C:\Users\Matouskovi\AppData\Local\Temp\NirCmd.exe
C:\Users\Matouskovi\AppData\Local\Temp\optprosetup.exe
C:\Users\Matouskovi\AppData\Local\Temp\PEVZ.EXE
C:\Users\Matouskovi\AppData\Local\Temp\remove.exe
C:\Users\Matouskovi\AppData\Local\Temp\sed.exe
C:\Users\Matouskovi\AppData\Local\Temp\shortcut.exe
C:\Users\Matouskovi\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Matouskovi\AppData\Local\Temp\sqlite3.dll
C:\Users\Matouskovi\AppData\Local\Temp\swreg.exe
C:\Users\Matouskovi\AppData\Local\Temp\swxcacls.exe
C:\Users\Matouskovi\AppData\Local\Temp\vlc-2.1.5-win32.exe
C:\Users\Matouskovi\AppData\Local\Temp\wget.exe
C:\Users\Matouskovi\AppData\Local\Temp\zoek-delete.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-07 16:15




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:167.58 GB) (Free:9.78 GB) NTFS
Drive d: (Data disk) (Fixed) (Total:1863.01 GB) (Free:716.87 GB) NTFS
Drive e: (Sims3EP10) (CDROM) (Total:4.37 GB) (Free:0 GB) UDF

Available physical RAM: 2028.83 MB
Total physical RAM: 4029.62 MB
Percentage of memory in use: 49%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 0879521D)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 167.7 GB) (Disk ID: 34838E54)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=167.6 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Spy Emergency (Disabled - Up to date) {A77BE48A-B776-F747-8A39-C3ECDC95366D}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Matouskovi\Desktop" je 18231 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync
"C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ESL Wire
"C:\Program Files\EslWire\wire.exe" --tray [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msvdbufSrv
"C:\Windows\system32\msvdbuf.vbe" mskviy mssdxk [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess
"C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RaidCall
C:\Program Files (x86)\RaidCall\raidcall.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Razer Synapse
"C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay
C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
"D:\Program Files (x86)\Steam\Steam.exe" -silent [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DefaultOutboundAction REG_DWORD 0x0
DefaultInboundAction REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DefaultOutboundAction REG_DWORD 0x0
DefaultInboundAction REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

[vyosek]

FRST pri bezicim ZOEK-u je zbytecny, on tam toho Zoek jeste dost vycisti a pozmeni...

Takze pockame na dokonceni Zoek-u a pak novy FRST

[petal219]

zoek doběhl zde je log :
Zoek.exe v5.0.0.0 Updated 15-February-2015
Tool run by Matouskovi on ne 15.02.2015 at 14:10:07,22.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Matouskovi\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-06-10-141202.log 11186 bytes
C:\zoek-results2015-02-15-122826.log 1806 bytes
C:\zoek-results2015-02-15-130727.log 1333 bytes

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\ESTERK~1\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\prefs.js:

Added to C:\Users\ESTERK~1\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\Gianluca\AppData\Roaming\Mozilla\Firefox\Profiles\48szkt78.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("browser.search.useDBForOrder", "false");

Added to C:\Users\Gianluca\AppData\Roaming\Mozilla\Firefox\Profiles\48szkt78.default\prefs.js:

Deleted from C:\Users\JINDIK~1\AppData\Roaming\Mozilla\Firefox\Profiles\9nj1kh0k.default\prefs.js:

Added to C:\Users\JINDIK~1\AppData\Roaming\Mozilla\Firefox\Profiles\9nj1kh0k.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\MATOUS~1\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:

Added to C:\Users\MATOUS~1\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\MATOUS~1\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\prefs.js:

Added to C:\Users\MATOUS~1\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\prefs.js:

ProfilePath: C:\Users\ESTERK~1\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_15.02.2015_1442_.backup

ProfilePath: C:\Users\Gianluca\AppData\Roaming\Mozilla\Firefox\Profiles\48szkt78.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_10.06.2014_1606_.backup
prefs_15.02.2015_1442_.backup

ProfilePath: C:\Users\JINDIK~1\AppData\Roaming\Mozilla\Firefox\Profiles\9nj1kh0k.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_15.02.2015_1442_.backup

ProfilePath: C:\Users\MATOUS~1\AppData\Roaming\Mozilla\Firefox\Profiles\extensions

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_15.02.2015_1442_.backup

ProfilePath: C:\Users\MATOUS~1\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_15.02.2015_1442_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Opera\shell\open\command]
@="C:\\Program Files (x86)\\Opera\\Opera.exe"

==== Deleting Files \ Folders ======================

C:\PROGRA~2\2254467e-3794-407e-8da2-4d3f854a6fca deleted
C:\Users\Gianluca\AppData\Roaming\appdataFr2.bin deleted
C:\Users\Matouskovi\AppData\Roaming\appdataFr2.bin deleted
C:\Users\Matouskovi\AppData\Roaming\appdataFr3.bin deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\ESTERK~1\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\staged deleted
C:\Users\Gianluca\AppData\Roaming\Mozilla\Firefox\Profiles\48szkt78.default\extensions\staged deleted
C:\Users\JINDIK~1\AppData\Roaming\Mozilla\Firefox\Profiles\9nj1kh0k.default\extensions\staged deleted
C:\Users\MATOUS~1\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\staged deleted
C:\Users\Matouskovi\AppData\Roaming\GCAQWS.exe deleted
C:\Users\Matouskovi\AppData\Roaming\XTZ.exe deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\ESTERK~1\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\JINDIK~1\AppData\Roaming\Mozilla\Firefox\Profiles\9nj1kh0k.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\MATOUS~1\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\ESTERK~1\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\sepherdwilbur@aol.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\sepherdwilbur@aol.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\sepherdwilbur@aol.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\sepherdwilbur@aol.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\sepherdwilbur@aol.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\sepherdwilbur@aol.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\sepherdwilbur@aol.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\sepherdwilbur@aol.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\sepherdwilbur@aol.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com

ProfilePath: C:\Users\JINDIK~1\AppData\Roaming\Mozilla\Firefox\Profiles\9nj1kh0k.default
- Undetermined - C:\Users\Jind
- Undetermined - C:\Users\Jind
- Undetermined - C:\Users\Jind
- Undetermined - C:\Users\Jind
- Undetermined - C:\Users\Jind
- Undetermined - C:\Users\Jind
- Undetermined - C:\Users\Jind
- Undetermined - C:\Users\Jind
- Undetermined - C:\Users\Jind
- Undetermined - C:\Users\Jind

ProfilePath: C:\Users\MATOUS~1\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default
- Undetermined - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\faststartff@gmail.com
- skipcerterrorfoudilfr - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\skipcerterror@foudil.fr
- Undetermined - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com
- Undetermined - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\sepherdwilbur@aol.com
- skipcerterrorfoudilfr - %ProfilePath%\extensions\skipcerterror@foudil.fr

ExtDir: C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
- Undetermined - %ExtDir%\suggestor@suggestor.pirrit.com.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default
F59A3BE52327B91541CA61A783741595 - C:\Users\Matouskovi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
AAEECF49F3B841180007E8C8E6974F18 - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll - PDF-XChange Viewer


==== Chromium Look ======================

Google Chrome Version: 39.0.2171.71 (Possible outdated, latest Stable version: 40.0.2214.111)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[11.04.2014 18:46]

One Number - Gianluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfkohgkpafhkpdcnfadadcibfboapggi
Sprucemarks - Gianluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\fakeocdnmmmnokabaiflppclocckihoj
Close Tabs - Gianluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\gadafnnkijfmbbmeielphlapddbmgbgo
Chromium Updater - Gianluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcmicnfbmcjhlbdohdmdhfjlbigkcddl
Skype Click to Call - Gianluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Browse Faster - Gianluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ponhjlldbpnmeieenmaacddmlfpdielh
One Number - Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfkohgkpafhkpdcnfadadcibfboapggi
Sprucemarks - Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fakeocdnmmmnokabaiflppclocckihoj
Close Tabs - Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gadafnnkijfmbbmeielphlapddbmgbgo
Chromium Updater - Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcmicnfbmcjhlbdohdmdhfjlbigkcddl
Skype Click to Call - Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Browse Faster - Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ponhjlldbpnmeieenmaacddmlfpdielh
Bubble Elements - Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fcijkonhppildbjgkdaglmeoeemcldha
Skype Click to Call - Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Radio Canyon - Matouskovi\AppData\Roaming\Opera Software\Opera Stable\Extensions\bikofacodmhdpkfdeeocponfcgjcdfbk

==== Chromium Fix ======================

C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\https_www.superfish.com_0.localstorage deleted successfully
C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_www.superfish.com_0.localstorage deleted successfully
C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfkohgkpafhkpdcnfadadcibfboapggi deleted successfully
C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfkohgkpafhkpdcnfadadcibfboapggi deleted successfully
C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\fakeocdnmmmnokabaiflppclocckihoj deleted successfully
C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fakeocdnmmmnokabaiflppclocckihoj deleted successfully
C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fakeocdnmmmnokabaiflppclocckihoj_0.localstorage deleted successfully
C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fakeocdnmmmnokabaiflppclocckihoj_0.localstorage-journal deleted successfully
C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fakeocdnmmmnokabaiflppclocckihoj_0.localstorage deleted successfully
C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fakeocdnmmmnokabaiflppclocckihoj_0.localstorage-journal deleted successfully
C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fakeocdnmmmnokabaiflppclocckihoj deleted successfully
C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\gadafnnkijfmbbmeielphlapddbmgbgo deleted successfully
C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gadafnnkijfmbbmeielphlapddbmgbgo deleted successfully
C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gadafnnkijfmbbmeielphlapddbmgbgo_0.localstorage deleted successfully
C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gadafnnkijfmbbmeielphlapddbmgbgo_0.localstorage-journal deleted successfully
C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gadafnnkijfmbbmeielphlapddbmgbgo_0.localstorage deleted successfully
C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gadafnnkijfmbbmeielphlapddbmgbgo_0.localstorage-journal deleted successfully
C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gadafnnkijfmbbmeielphlapddbmgbgo deleted successfully
C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcmicnfbmcjhlbdohdmdhfjlbigkcddl deleted successfully
C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcmicnfbmcjhlbdohdmdhfjlbigkcddl deleted successfully
C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hcmicnfbmcjhlbdohdmdhfjlbigkcddl_0.localstorage deleted successfully
C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hcmicnfbmcjhlbdohdmdhfjlbigkcddl_0.localstorage-journal deleted successfully
C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hcmicnfbmcjhlbdohdmdhfjlbigkcddl_0.localstorage deleted successfully
C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hcmicnfbmcjhlbdohdmdhfjlbigkcddl_0.localstorage-journal deleted successfully
C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hcmicnfbmcjhlbdohdmdhfjlbigkcddl deleted successfully
C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ponhjlldbpnmeieenmaacddmlfpdielh deleted successfully
C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ponhjlldbpnmeieenmaacddmlfpdielh deleted successfully
C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fcijkonhppildbjgkdaglmeoeemcldha deleted successfully
C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\chrome-extension_fcijkonhppildbjgkdaglmeoeemcldha_0.localstorage deleted successfully
C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\chrome-extension_fcijkonhppildbjgkdaglmeoeemcldha_0.localstorage-journal deleted successfully
C:\Users\Matouskovi\AppData\Roaming\Opera Software\Opera Stable\Extensions\bikofacodmhdpkfdeeocponfcgjcdfbk deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/?pc=MSSE"
"First Home Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"First Home Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.msn.com/?pc=MSSE"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{05EF0A21-C92E-4743-8E39-730E26024039} Slovnˇk CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_12454"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{48FB8B09-5758-462C-971F-8241120BC74F} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&so ... arch_12454"
{4F833CAA-94E3-40C1-BE60-4F3FBA29F155} (www.google.com) Google Url="https://www.google.com/search?q={searchTerms}"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"
{7FB123D2-EA11-4D13-B9B7-18D27F58A421} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchT ... arch_12454"
{96382310-48A0-4DDF-AD92-613B8A5CB223} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms} ... arch_12454"
{B698D1D6-D6AF-4397-8E21-CAC7D387B574} Google Url="http://www.google.cz/search?q={searchTe ... {startPage}"
{CDBF616F-FE64-4FDF-BE82-9D58616AA328} Zbo§ˇ.cz Url="http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454"
{CE67BA7D-24B5-4481-AFB4-48B896032C3A} Seznam Url="http://search.seznam.cz/?q={searchTerms ... arch_12454"
{DC303589-C36F-4BB1-8484-B5FAC272634A} Slovnˇk EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_12454"
{E5C3AF93-9698-4585-A13D-2D96003B49F5} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_12454"

==== Reset Google Chrome ======================

C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Preferences was reset successfully
C:\Users\Matouskovi\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Web Data was reset successfully
C:\Users\Matouskovi\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ESL Wire deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gianluca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gianluca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Matouskovi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Matouskovi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Gianluca\AppData\Local\Mozilla\Firefox\Profiles\48szkt78.default\cache2 emptied successfully
C:\Users\Matouskovi\AppData\Local\Mozilla\Firefox\Profiles\smscr827.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Matouskovi\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=260 folders=81 9338645 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Gianluca\AppData\Local\temp emptied successfully
C:\Users\Matouskovi\AppData\Local\Temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\MATOUS~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ne 15.02.2015 at 14:52:43,53 ======================

[vyosek]

Nyni dejte novy log z FRST

[petal219]

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-02-2015
Ran by Matouskovi (administrator) on MATOUSKOVI-PC on 15-02-2015 14:54:30
Running from C:\Users\Matouskovi\Desktop
Loaded Profiles: Matouskovi & UpdatusUser (Available profiles: Matouskovi & EsterkaPú & Jindřiška & Gianluca & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Hi-Rez Studios) D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe
(NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyWow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(forum.viry.cz) C:\Users\Matouskovi\Desktop\FRSTLauncher (2).exe
(Google Inc.) C:\Program Files (x86)\Google\Update\Install\{ED08DEA6-B9DB-45F8-BB88-A9D502354C58}\GoogleUpdateSetup.exe
(Google Inc.) C:\Program Files (x86)\GUM8F05.tmp\GoogleUpdate.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [151552 2013-06-29] (IvoSoft)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2011-09-16] (LogMeIn, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Sound Blaster Tactic3D Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe [2091008 2014-07-03] (Creative Technology Ltd)
HKU\S-1-5-21-1528716315-3860698994-2152196103-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1528716315-3860698994-2152196103-1000\...\Run: [SpyEmergency] => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe [3231032 2013-10-03] (NETGATE Technologies s.r.o.)
HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\...\RunOnce: [ProdReg] => C:\Program Files (x86)\Creative\Product Registration\ProdReg.exe [1690112 2014-02-24] (Creative Technology Ltd)
HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\...\RunOnce: [CTPostBootSequencer] => "C:\Users\MATOUS~1\AppData\Local\Temp\CTPBSeq.exe" /reglaunch /self_destruct <===== ATTENTION
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1528716315-3860698994-2152196103-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1528716315-3860698994-2152196103-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-1528716315-3860698994-2152196103-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID= ... 12454&OSP=
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000 -> {05EF0A21-C92E-4743-8E39-730E26024039} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000 -> {48FB8B09-5758-462C-971F-8241120BC74F} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000 -> {4F833CAA-94E3-40C1-BE60-4F3FBA29F155} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000 -> {7FB123D2-EA11-4D13-B9B7-18D27F58A421} URL = http://www.novinky.cz/hledej?w={searchT ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000 -> {96382310-48A0-4DDF-AD92-613B8A5CB223} URL = http://www.mapy.cz/?query={searchTerms} ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000 -> {B698D1D6-D6AF-4397-8E21-CAC7D387B574} URL = http://www.google.cz/search?q={searchTe ... {startPage}
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000 -> {CDBF616F-FE64-4FDF-BE82-9D58616AA328} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000 -> {CE67BA7D-24B5-4481-AFB4-48B896032C3A} URL = http://search.seznam.cz/?q={searchTerms ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000 -> {DC303589-C36F-4BB1-8484-B5FAC272634A} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000 -> {E5C3AF93-9698-4585-A13D-2D96003B49F5} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {05EF0A21-C92E-4743-8E39-730E26024039} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {48FB8B09-5758-462C-971F-8241120BC74F} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {4F833CAA-94E3-40C1-BE60-4F3FBA29F155} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {7FB123D2-EA11-4D13-B9B7-18D27F58A421} URL = http://www.novinky.cz/hledej?w={searchT ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {96382310-48A0-4DDF-AD92-613B8A5CB223} URL = http://www.mapy.cz/?query={searchTerms} ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {B698D1D6-D6AF-4397-8E21-CAC7D387B574} URL = http://www.google.cz/search?q={searchTe ... {startPage}
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {CDBF616F-FE64-4FDF-BE82-9D58616AA328} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {CE67BA7D-24B5-4481-AFB4-48B896032C3A} URL = http://search.seznam.cz/?q={searchTerms ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {DC303589-C36F-4BB1-8484-B5FAC272634A} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {E5C3AF93-9698-4585-A13D-2D96003B49F5} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: ClassicIE9BHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIE9BHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.co ... 5.11.0.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\EsterkaPú\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1528716315-3860698994-2152196103-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Matouskovi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1528716315-3860698994-2152196103-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Extension: skipcerterrorfoudilfr - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\Extensions\skipcerterror@foudil.fr [2014-11-12]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: No Name - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\faststartff@gmail.com [Not Found]
FF Extension: No Name - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com [Not Found]
FF Extension: No Name - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com [Not Found]
FF Extension: No Name - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\sepherdwilbur@aol.com [Not Found]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Skype Click to Call) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-06-10]
CHR Profile: C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Prezentace Google) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-19]
CHR Extension: (Docs) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-19]
CHR Extension: (Disk Google) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-19]
CHR Extension: (YouTube) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-19]
CHR Extension: (Vyhledávání Google) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-19]
CHR Extension: (Tabulky Google) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-19]
CHR Extension: (Skype Click to Call) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-01-19]
CHR Extension: (Gmail) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-19]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2014-08-13] ()
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-19] (Creative Technology Ltd) [File not signed]
U2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-08-22] (Hi-Rez Studios) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376168 2014-11-03] (LogMeIn, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15125280 2013-11-08] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-07-22] ()
R2 SpyEmrgSrv; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe [3284008 2013-03-11] (NETGATE Technologies s.r.o.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 0c632643; "C:\Windows\system32\rundll32.exe" "c:\progra~3\intere~1\InterenetOptimizerSvc.dll",service
S2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [X]
S2 Hamachi2Svc; "D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ADIHdAudAddService; C:\Windows\System32\drivers\ADIHdAud.sys [497152 2009-04-23] (Analog Devices, Inc.) [File not signed]
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-10] (Disc Soft Ltd)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-12-11] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-28] (NVIDIA Corporation)
R0 RzFilter; C:\Windows\System32\drivers\RzFilter.sys [74432 2014-02-21] (Razer, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-11-09] (Duplex Secure Ltd.)
R1 SpyEmrg; C:\Windows\System32\Drivers\spyemrg.sys [17240 2011-04-21] (NETGATE Technologies s.r.o.)
S3 SpyEmrgAccess; C:\Windows\System32\Drivers\spyemrg_access.sys [24408 2011-04-21] (NETGATE Technologies s.r.o.)
R3 SpyEmrgGuard; C:\Windows\System32\Drivers\spyemrg_guard.sys [18776 2011-04-21] (NETGATE Technologies s.r.o.)
S3 UHSfiltv; C:\Windows\System32\drivers\UHSfiltv.sys [23552 2013-05-31] (Creative Technology Ltd.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-15 14:54 - 2015-02-15 14:54 - 06103040 _____ () C:\Program Files (x86)\GUT8F06.tmp
2015-02-15 14:54 - 2015-02-15 14:54 - 00000000 ____D () C:\Program Files (x86)\GUM8F05.tmp
2015-02-15 14:49 - 2015-02-15 14:09 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-02-15 14:46 - 2015-02-15 14:46 - 00000020 _____ () C:\Users\Matouskovi\AppData\Roaming\appdataFr3.bin
2015-02-15 14:35 - 2015-02-15 14:54 - 00026129 _____ () C:\Users\Matouskovi\Desktop\FRST.txt
2015-02-15 14:35 - 2015-02-15 14:54 - 00000000 ____D () C:\FRST
2015-02-15 14:34 - 2015-02-15 14:33 - 02134528 _____ (Farbar) C:\Users\Matouskovi\Desktop\FRST64.exe
2015-02-15 14:33 - 2015-02-15 14:33 - 02134528 _____ (Farbar) C:\Users\Matouskovi\Downloads\FRST64.exe
2015-02-15 14:32 - 2015-02-15 14:32 - 00112640 _____ (forum.viry.cz) C:\Users\Matouskovi\Downloads\Nepotvrzeno 206061.crdownload
2015-02-15 14:32 - 2015-02-15 14:32 - 00112640 _____ (forum.viry.cz) C:\Users\Matouskovi\Downloads\Nepotvrzeno 149854.crdownload
2015-02-15 14:32 - 2015-02-15 14:32 - 00112640 _____ (forum.viry.cz) C:\Users\Matouskovi\Downloads\FRSTLauncher (2).exe
2015-02-15 14:32 - 2015-02-15 14:32 - 00112640 _____ (forum.viry.cz) C:\Users\Matouskovi\Desktop\FRSTLauncher (2).exe
2015-02-15 14:13 - 2015-02-15 14:07 - 00001333 _____ () C:\zoek-results2015-02-15-130727.log
2015-02-15 14:07 - 2015-02-15 13:28 - 00001806 _____ () C:\zoek-results2015-02-15-122826.log
2015-02-15 13:27 - 2014-06-10 15:12 - 00011186 _____ () C:\zoek-results2014-06-10-141202.log
2015-02-15 13:24 - 2015-02-15 14:47 - 00000000 ____D () C:\zoek_backup
2015-02-15 13:23 - 2015-02-15 13:23 - 01304576 _____ () C:\Users\Matouskovi\Downloads\zoek.exe
2015-02-15 13:23 - 2015-02-15 13:23 - 01304576 _____ () C:\Users\Matouskovi\Desktop\zoek.exe
2015-02-15 13:16 - 2015-02-15 13:19 - 00000000 ____D () C:\AdwCleaner
2015-02-15 13:14 - 2015-02-15 13:14 - 02112512 _____ () C:\Users\Matouskovi\Desktop\adwcleaner_4.110.exe
2015-02-15 13:13 - 2015-02-15 13:14 - 02112512 _____ () C:\Users\Matouskovi\Downloads\adwcleaner_4.110.exe
2015-02-15 13:12 - 2015-02-15 13:13 - 00225167 _____ () C:\Users\Matouskovi\Downloads\avgremover.log
2015-02-15 13:12 - 2015-02-15 13:12 - 03681088 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Matouskovi\Downloads\avg_remover_stf_x64_2015_5501.exe
2015-02-15 12:55 - 2015-02-15 12:55 - 00000000 ____D () C:\rsit
2015-02-15 12:55 - 2015-02-15 12:55 - 00000000 ____D () C:\Program Files\trend micro
2015-02-15 12:54 - 2015-02-15 12:54 - 01222144 _____ () C:\Users\Matouskovi\Downloads\RSITx64.exe
2015-02-15 11:20 - 2015-02-15 11:20 - 00000020 _____ () C:\Users\EsterkaPú\AppData\Roaming\appdataFr3.bin
2015-02-10 11:17 - 2015-02-10 11:17 - 00000020 _____ () C:\Users\Jindřiška\AppData\Roaming\appdataFr3.bin
2015-02-09 15:08 - 2015-02-09 15:32 - 00982266 _____ () C:\Users\Matouskovi\Desktop\Nový Prezentace aplikace Microsoft PowerPoint (2).pptx
2015-02-07 17:05 - 2015-02-07 17:05 - 05070512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-02-01 19:34 - 2015-02-01 19:50 - 00000000 ____D () C:\Users\EsterkaPú\Desktop\LG
2015-02-01 19:32 - 2015-02-01 19:32 - 00000000 ____D () C:\Users\EsterkaPú\AppData\Roaming\dvdcss
2015-01-21 17:24 - 2015-01-21 17:24 - 01182978 _____ () C:\Users\Matouskovi\Downloads\Semeno.pptx
2015-01-17 17:01 - 2015-01-18 13:03 - 03613797 _____ () C:\Users\Matouskovi\Desktop\Nový Prezentace aplikace Microsoft PowerPoint.pptx

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-15 14:54 - 2014-06-21 09:09 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-15 14:54 - 2012-11-07 17:08 - 01844555 _____ () C:\Windows\WindowsUpdate.log
2015-02-15 14:52 - 2014-06-10 14:59 - 00032627 _____ () C:\zoek-results.log
2015-02-15 14:51 - 2014-09-21 20:07 - 00095544 _____ () C:\Windows\setupact.log
2015-02-15 14:50 - 2014-09-28 11:28 - 00029468 _____ () C:\Windows\PFRO.log
2015-02-15 14:50 - 2012-11-07 17:21 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-15 14:50 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-15 14:24 - 2014-06-21 09:09 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-15 14:16 - 2011-04-12 09:34 - 00668866 _____ () C:\Windows\system32\perfh005.dat
2015-02-15 14:16 - 2011-04-12 09:34 - 00141526 _____ () C:\Windows\system32\perfc005.dat
2015-02-15 14:16 - 2009-07-14 06:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-15 14:16 - 2009-07-14 05:45 - 00022080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-15 14:16 - 2009-07-14 05:45 - 00022080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-15 14:05 - 2014-07-09 08:05 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-15 13:19 - 2014-09-06 19:11 - 00000603 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-02-15 13:19 - 2014-09-06 19:11 - 00000603 _____ () C:\ProgramData\Desktop\Mozilla Firefox.lnk
2015-02-15 13:19 - 2014-04-12 18:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-15 13:19 - 2012-11-14 18:11 - 00000979 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-02-15 13:19 - 2012-11-07 17:09 - 00000979 _____ () C:\Users\Matouskovi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-15 12:19 - 2014-05-07 19:44 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2015-02-15 11:21 - 2013-10-24 13:33 - 00000000 ____D () C:\Users\EsterkaPú\AppData\Roaming\Seznam.cz
2015-02-14 20:58 - 2012-12-08 17:22 - 00004010 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{961A0EA5-CBA7-4758-9183-B4472D8FEEE8}
2015-02-14 20:29 - 2012-11-14 18:11 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-02-13 10:56 - 2012-11-23 11:26 - 00000000 ____D () C:\Users\Matouskovi\AppData\Local\CrashDumps
2015-02-11 20:18 - 2012-11-23 11:33 - 00281392 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2015-02-11 20:18 - 2012-11-22 19:43 - 00281392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-02-11 20:15 - 2014-03-26 13:14 - 00000000 ____D () C:\Users\Matouskovi\AppData\Local\Battle.net
2015-02-11 16:51 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-11 16:08 - 2014-06-23 17:26 - 00003840 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1379855388
2015-02-10 11:23 - 2013-01-05 20:18 - 00000000 ____D () C:\Users\Jindřiška\AppData\Roaming\Skype
2015-02-10 11:22 - 2013-11-06 08:04 - 00000000 ____D () C:\Users\Jindřiška\AppData\Roaming\Seznam.cz
2015-02-10 11:18 - 2013-04-10 07:09 - 00000000 ____D () C:\Users\Jindřiška\AppData\Local\CrashDumps
2015-02-09 15:32 - 2013-11-30 12:36 - 06286848 ___SH () C:\Users\Matouskovi\Desktop\Thumbs.db
2015-02-07 17:05 - 2012-11-07 17:15 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-07 17:05 - 2012-11-07 17:15 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-07 17:05 - 2012-11-07 17:15 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-01 19:32 - 2014-05-22 19:35 - 00000000 ____D () C:\Users\EsterkaPú\AppData\Roaming\vlc
2015-01-26 16:47 - 2014-12-12 21:07 - 00000000 ____D () C:\Users\Matouskovi\Desktop\hudba
2015-01-25 17:44 - 2012-12-21 12:55 - 00000000 ____D () C:\Users\Matouskovi\AppData\Roaming\TS3Client
2015-01-22 17:47 - 2015-01-08 19:40 - 00000000 ____D () C:\Users\Matouskovi\AppData\Roaming\Spy Emergency
2015-01-22 15:18 - 2015-01-05 19:48 - 04582264 _____ () C:\Users\Matouskovi\Desktop\TechnicLauncher.exe
2015-01-22 10:29 - 2013-06-22 12:44 - 00000000 ____D () C:\Users\Matouskovi\Documents\Soubory aplikace Outlook
2015-01-19 14:15 - 2012-11-22 19:43 - 00281392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2015-01-17 18:59 - 2012-11-20 18:21 - 00000000 ____D () C:\Users\Matouskovi\AppData\Roaming\Skype
2015-01-16 16:35 - 2013-03-24 18:44 - 00000000 ____D () C:\Users\Matouskovi\AppData\Roaming\.minecraft

==================== Files in the root of some directories =======

2015-02-15 14:54 - 2015-02-15 14:54 - 6103040 _____ () C:\Program Files (x86)\GUT8F06.tmp
2015-02-15 14:46 - 2015-02-15 14:46 - 0000020 _____ () C:\Users\Matouskovi\AppData\Roaming\appdataFr3.bin
2014-01-01 10:30 - 2014-01-17 06:55 - 0000027 _____ () C:\Users\Matouskovi\AppData\Roaming\mskviy.dat
2014-01-01 10:30 - 2014-01-16 11:02 - 0001747 _____ () C:\Users\Matouskovi\AppData\Roaming\mssdxk.dat
2014-02-19 19:19 - 2014-02-19 19:19 - 0000600 _____ () C:\Users\Matouskovi\AppData\Roaming\winscp.rnd
2012-11-20 13:48 - 2014-05-29 12:04 - 0007168 _____ () C:\Users\Matouskovi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-09 13:16 - 2014-01-09 13:16 - 0000852 _____ () C:\Users\Matouskovi\AppData\Local\recently-used.xbel
2012-11-07 17:54 - 2014-05-30 20:04 - 0007642 _____ () C:\Users\Matouskovi\AppData\Local\Resmon.ResmonCfg
2014-04-21 09:57 - 2014-04-21 09:57 - 4685824 _____ () C:\ProgramData\ClassicShellSetup64_4_1_0.msi

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-07 16:15




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:167.58 GB) (Free:12.19 GB) NTFS
Drive d: (Data disk) (Fixed) (Total:1863.01 GB) (Free:716.87 GB) NTFS
Drive e: (Sims3EP10) (CDROM) (Total:4.37 GB) (Free:0 GB) UDF

Available physical RAM: 1158.59 MB
Total physical RAM: 4029.62 MB
Percentage of memory in use: 71%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 167.7 GB) (Disk ID: 34838E54)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=167.6 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 0879521D)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Spy Emergency (Disabled - Up to date) {A77BE48A-B776-F747-8A39-C3ECDC95366D}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Matouskovi\Desktop" je 18231 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync
"C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msvdbufSrv
"C:\Windows\system32\msvdbuf.vbe" mskviy mssdxk [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess
"C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RaidCall
C:\Program Files (x86)\RaidCall\raidcall.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Razer Synapse
"C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay
C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
"D:\Program Files (x86)\Steam\Steam.exe" -silent [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DefaultOutboundAction REG_DWORD 0x0
DefaultInboundAction REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DefaultOutboundAction REG_DWORD 0x0
DefaultInboundAction REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================






Addition log:Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-02-2015
Ran by Matouskovi at 2015-02-15 14:55:21
Running from C:\Users\Matouskovi\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Spy Emergency (Disabled - Up to date) {A77BE48A-B776-F747-8A39-C3ECDC95366D}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Aktualizace NVIDIA 9.3.21 (Version: 9.3.21 - NVIDIA Corporation) Hidden
Alien Isolation (HKLM-x32\...\Alien Isolation_is1) (Version: 1.0 - Релиз от R.G. Steamgames)
Altap Salamander 2.54 (HKLM-x32\...\Altap Salamander 2.54) (Version: 2.54 - ALTAP)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version: - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive)
Arma 2: Operation Arrowhead Beta (HKLM-x32\...\Steam App 219540) (Version: - )
ArtRage (HKLM-x32\...\{CF72DC2F-F292-4D2B-B4E8-7D2060F095DA}) (Version: 3 - Ambient Design Ltd.)
Assassin's Creed(R) III v1.06 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft)
Bandicam (HKLM-x32\...\Bandicam) (Version: 1.9.2.455 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
BitTorrent (HKU\S-1-5-21-1528716315-3860698994-2152196103-1000\...\BitTorrent) (Version: 7.9.2.35144 - BitTorrent Inc.)
Brave Dwarves Back for Treasures 1.1 (HKLM-x32\...\Brave Dwarves Back for Treasures_is1) (Version: - GameOverGames)
Camtasia Studio 8 (HKLM-x32\...\{5303CFB5-D635-44F0-A94B-9611E81F07C4}) (Version: 8.3.0.1471 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev)
Classic Shell (HKLM\...\{FEA1590B-540A-41FC-A95C-664493C82A21}) (Version: 3.6.8 - IvoSoft)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Creative System Information (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DayZ Commander (HKLM-x32\...\{B3653588-3AC0-4A1D-950F-D96531E84374}) (Version: 0.92.91 - Dotjosh Studios)
Dell System Detect (HKU\S-1-5-21-1528716315-3860698994-2152196103-1000\...\9204f5692a8faf3b) (Version: 3.3.2.0 - Dell)
Dell System Detect (HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\...\9204f5692a8faf3b) (Version: 3.3.2.0 - Dell)
ESL Wire 1.18.0 (HKLM\...\ESL Wire_is1) (Version: - Turtle Entertainment GmbH)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Godus (HKLM-x32\...\Steam App 232810) (Version: - )
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Inkscape 0.48.4 (HKLM-x32\...\Inkscape) (Version: 0.48.4 - )
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Kolekce The Sims™ 3 Zahradní mejdan (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
LogMeIn (HKLM-x32\...\{976475B8-63E9-4559-BE2C-D26086BE4C40}) (Version: 4.1.2126 - LogMeIn, Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.173 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.173 - LogMeIn, Inc.) Hidden
Metin2 (HKLM-x32\...\Metin2_is1) (Version: - Gameforge 4D GmbH)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ Run Time Lib Setup (HKLM-x32\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0 - Microsoft)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 32.0 (x86 cs)) (Version: 32.0 - Mozilla)
NVIDIA GeForce Experience 1.7.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.7.1 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.9 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.9 - NVIDIA Corporation)
Opera 12.11 (HKLM-x32\...\Opera 12.11.1661) (Version: 12.11.1661 - Opera Software ASA)
Opera Stable 27.0.1689.69 (HKLM-x32\...\Opera 27.0.1689.69) (Version: 27.0.1689.69 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.0.14.2148 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
PDF-XChange Lite 4 (HKLM\...\{B860298B-CE03-4DE2-B92E-422F2C20A2D8}_is1) (Version: 4.0.201.0 - Tracker Software Products Ltd)
PingPlotter Standard 3.40.2s (HKLM-x32\...\{D8A50F0B-791E-43E6-8F22-AEC2D3FBEB84}) (Version: 3.40.2.5 - Nessoft, LLC)
Portal (HKLM-x32\...\Steam App 400) (Version: - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.2.4-1.0.7299.14 - raidcall.com)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.17.23 - Razer Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (Version: 1.6.53 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Sound Blaster Tactic(3D) (HKLM-x32\...\{92000C16-939B-44CA-802F-0D552019D7C8}) (Version: 1.0 - Creative Technology Limited)
SoundMAX (HKLM-x32\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 6.10.2.7250 - Analog Devices)
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
Spy Emergency (HKLM\...\Spy Emergency_is1) (Version: - NETGATE Technologies s.r.o.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
System Requirements Lab for Intel (HKLM-x32\...\{63B7AC7E-0178-4F4F-A79B-08D97ADD02D7}) (Version: 4.5.11.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-1528716315-3860698994-2152196103-1000\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.38846 - TeamViewer)
The Sims 2 Ve světě podnikání (HKLM-x32\...\{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}) (Version: - )
The Sims™ 2 (HKLM-x32\...\{2C82E097-694E-44ea-A947-2750679469CF}) (Version: - Electronic Arts)
The Sims™ 2 H&M® Móda Kolekce (HKLM-x32\...\{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}) (Version: - )
The Sims™ 2 IKEA® Domov Kolekce (HKLM-x32\...\{6E17F9751-F056-4335-B718-8AF1B1092AFB}) (Version: - Electronic Arts)
The Sims™ 2 Mazlíčci (HKLM-x32\...\{4817189D-1785-4627-A33C-39FD90919300}) (Version: - )
The Sims™ 2 Pojďme slavit! Kolekce (HKLM-x32\...\{EAA38532-7AD0-4f78-918A-4F4F02096ECE}) (Version: - )
The Sims™ 2 Život v bytě (HKLM-x32\...\{B6F5B704-06D3-4687-90F3-6195304AD755}) (Version: - Electronic Arts)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.54.95 - Electronic Arts)
The Sims™ 3 Domácí mazlíčci (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Hrátky osudu (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 Luxusní bydlení – Kolekce (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
The Sims™ 3 Obludárium (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 Roční období (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Studentský život (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
The Sims™ 3 Tropický ráj (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Sims™ 3 Po setmění (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo)
Tribes: Ascend (HKLM-x32\...\Steam App 17080) (Version: - Hi-Rez Studios)
Ultra WMV Converter 6.4.0311 (HKLM-x32\...\Ultra WMV Converter_is1) (Version: - Aone Software)
Unity Web Player (HKU\S-1-5-21-1528716315-3860698994-2152196103-1000\...\UnityWebPlayer) (Version: 4.5.4f2 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment)
War Thunder Launcher 1.0.1.355 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
webium's modpack 0.9.0 v3.1 (HKLM-x32\...\{B64D8CE9-11B2-469D-A347-9A13C2BCA423}_is1) (Version: - myWOTmods.com)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Tanks - Common Test (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812CT}_is1) (Version: - Wargaming.net)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
World of Warplanes (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813EU}_is1) (Version: - Wargaming.net)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000_Classes\CLSID\{D8ABAF7E-2A5E-B8B9-003D-FBA8D6CF2643}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)

==================== Restore Points =========================

22-01-2015 17:50:26 Windows Update
25-01-2015 19:00:05 Windows Zálohování
26-01-2015 13:34:13 Windows Update
30-01-2015 09:54:15 Windows Update
01-02-2015 19:00:06 Windows Zálohování
03-02-2015 18:04:45 Windows Update
07-02-2015 15:53:51 Windows Update
09-02-2015 11:34:54 Windows Zálohování
10-02-2015 16:58:13 Windows Update
13-02-2015 19:12:33 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-02-15 14:13 - 00000840 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {090AE704-381C-4B3D-ABB7-B9F254E9F8CB} - System32\Tasks\{C87806F1-EB2B-4753-9075-B9AC872E359C} => D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
Task: {0CF1434E-CEFF-4995-BBDB-BF6125046C89} - System32\Tasks\{A23E77E0-F6F3-4440-83DF-BA6EB726542E} => Chrome.exe http://ui.skype.com/ui/0/6.1.60.129/cs/ ... rogressBar
Task: {0E1FAD77-4494-436C-9518-485289467905} - System32\Tasks\{54E81E03-778A-4ADA-BFB2-1036F40E6D82} => pcalua.exe -a D:\counter-strike-1-6-non-stream-09-21-2011-10-29-1018.exe -d D:\
Task: {19639834-F83E-4088-ACA8-8E734F441EA4} - System32\Tasks\{3B4F3F47-79E5-4DB1-BFB4-3E9B4DF1A115} => pcalua.exe -a C:\Users\Matouskovi\AppData\Roaming\Seznam.cz\sznsetup.exe -d C:\Users\Matouskovi\AppData\Roaming\Seznam.cz
Task: {28A00EB1-87BE-456A-A7AF-6FC1C409CC15} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-07] (Adobe Systems Incorporated)
Task: {2A22761E-C646-44C9-8248-4D3D9213E1F7} - System32\Tasks\{8C70EBBF-B2A9-4C60-918A-A956B24384A8} => pcalua.exe -a F:\Setup.exe -d F:\
Task: {36D6901F-D616-410A-AB89-BA6CAD3FC925} - System32\Tasks\{68AA5890-00BA-4374-8B23-12D16DE1D140} => D:\Games\World_of_Tanks\WOTLauncher.exe [2014-12-16] (Wargaming.net)
Task: {375E66A1-CF88-42AD-928B-B3BCCF3401C3} - System32\Tasks\{A059B6A4-1706-45F4-B22F-0DA21E41CE7E} => C:\Program Files (x86)\Valve\hl.exe
Task: {3ADEFE7F-12F3-4996-80DE-F5B744D845A1} - System32\Tasks\{08D58B6D-861D-4D47-9BEA-BFECE686D36F} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{3DE92282-CB49-434F-81BF-94E5B380E889}\Sims3EP08Setup.exe" -c -runfromtemp -l0x0005 -removeonly
Task: {51AB7FA8-6E94-4440-B800-577D157FC923} - System32\Tasks\AnVir Task Manager => D:\Program Files (x86)\AnVir Task Manager Free\anvir.exe
Task: {5FE25472-0202-44D0-B061-80350E3474D3} - System32\Tasks\{574A134D-413F-4F7E-93F9-4192CFC9DED3} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {707035E3-E3F8-41C1-AFE3-C04C3732FEED} - System32\Tasks\Opera scheduled Autoupdate 1379855388 => C:\Program Files (x86)\Opera\launcher.exe [2015-02-10] (Opera Software)
Task: {70E12EF5-5171-4D31-AB2F-94DA1692B411} - System32\Tasks\{9470AADE-5969-4453-BF41-6B3F56D26E0D} => Chrome.exe http://ui.skype.com/ui/0/6.6.60.106/cs/ ... rogressBar
Task: {70F94B31-077B-48F0-95FC-0E2BB3C38865} - System32\Tasks\{937315C6-BFD2-4B20-876F-04CC957E4AF8} => pcalua.exe -a E:\Install.exe -d E:\
Task: {73C03627-F41C-47B4-9DF4-2B2E58722D61} - System32\Tasks\{95945605-EAF8-4820-80E6-FCA6D17BA4F0} => pcalua.exe -a "D:\Program Files (x86)\Hi-Rez Studios\HiRezGamesDiagAndSupport.exe" -c uninstall=all
Task: {95B5076A-AF3A-4D09-A899-7601F36952D6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-14] (Google Inc.)
Task: {9E0EE509-D3AB-42E6-A695-67D75884C80F} - System32\Tasks\CCleanerSkipUAC => D:\cc\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {AE17D2D4-EB85-45FA-BC41-68CA74185836} - System32\Tasks\{F9F04DA7-C253-4E98-9498-9D2BC2791EB4} => Chrome.exe http://ui.skype.com/ui/0/7.0.80.102/cs/ ... rogressBar
Task: {C578218F-AC8B-46FB-9AD5-EC3DEBDB59AE} - System32\Tasks\{EAAE64EC-C090-4391-A8C7-D21442F36A6E} => D:\Users\Matouskovi\starcraft-1-cz-full-game.exe
Task: {DADC6EDF-3B63-49B6-A8D4-21F913146438} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {E16FD39F-2B98-4CEF-A544-6CB10D09CB8D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-14] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2012-11-22 19:43 - 2013-07-22 15:08 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-01-07 17:33 - 2007-11-02 16:20 - 00243712 _____ () C:\Program Files\NETGATE\Spy Emergency\SSLEAY32.dll
2015-01-07 17:33 - 2007-11-02 16:20 - 01403904 _____ () C:\Program Files\NETGATE\Spy Emergency\LIBEAY32.dll
2015-01-07 17:33 - 2007-09-04 15:25 - 00198144 _____ () C:\Program Files\NETGATE\Spy Emergency\unrar.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-09-28 11:50 - 2014-03-24 09:37 - 00074240 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2014-09-28 11:50 - 2014-03-24 09:33 - 00274944 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2014-11-27 17:29 - 2014-11-25 07:39 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libglesv2.dll
2014-11-27 17:29 - 2014-11-25 07:39 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libegl.dll
2014-11-27 17:29 - 2014-11-25 07:39 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll
2014-11-27 17:29 - 2014-11-25 07:39 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll
2014-11-27 17:29 - 2014-11-25 07:39 - 14910280 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1528716315-3860698994-2152196103-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Matouskovi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: msvdbufSrv => "C:\Windows\system32\msvdbuf.vbe" mskviy mssdxk
MSCONFIG\startupreg: Nvtmru => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
MSCONFIG\startupreg: OfficeSyncProcess => "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
MSCONFIG\startupreg: RaidCall => C:\Program Files (x86)\RaidCall\raidcall.exe
MSCONFIG\startupreg: Razer Synapse => "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "D:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== Accounts: =============================

Administrator (S-1-5-21-1528716315-3860698994-2152196103-500 - Administrator - Disabled)
EsterkaPú (S-1-5-21-1528716315-3860698994-2152196103-1003 - Administrator - Enabled) => C:\Users\EsterkaPú
Gianluca (S-1-5-21-1528716315-3860698994-2152196103-1005 - Administrator - Enabled) => C:\Users\Gianluca
Guest (S-1-5-21-1528716315-3860698994-2152196103-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1528716315-3860698994-2152196103-1002 - Limited - Enabled)
Jindřiška (S-1-5-21-1528716315-3860698994-2152196103-1004 - Administrator - Enabled) => C:\Users\Jindřiška
Matouskovi (S-1-5-21-1528716315-3860698994-2152196103-1000 - Administrator - Enabled) => C:\Users\Matouskovi
UpdatusUser (S-1-5-21-1528716315-3860698994-2152196103-1006 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/15/2015 02:52:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/15/2015 02:51:37 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (02/15/2015 02:51:37 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (02/15/2015 02:10:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/15/2015 02:09:46 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (02/15/2015 02:09:46 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (02/15/2015 02:05:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/15/2015 02:05:01 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (02/15/2015 02:05:01 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (02/15/2015 01:22:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (02/15/2015 02:51:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Superfetch byla ukončena s následující chybou:
%%2

Error: (02/15/2015 02:51:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba LogMeIn Hamachi Tunneling Engine neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (02/15/2015 02:51:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba ESL Wire Helper Service neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (02/15/2015 02:51:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Interenet Optimizer bylo dosaženo časového limitu (30000 ms).

Error: (02/15/2015 02:42:58 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (02/15/2015 02:42:58 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (02/15/2015 02:42:58 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (02/15/2015 02:42:57 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (02/15/2015 02:42:57 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (02/15/2015 02:10:05 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Superfetch byla ukončena s následující chybou:
%%2


Microsoft Office Sessions:
=========================
Error: (02/15/2015 02:52:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/15/2015 02:51:37 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (02/15/2015 02:51:37 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (02/15/2015 02:10:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/15/2015 02:09:46 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (02/15/2015 02:09:46 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (02/15/2015 02:05:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/15/2015 02:05:01 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (02/15/2015 02:05:01 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (02/15/2015 01:22:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
Date: 2014-09-28 12:51:52.809
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\UHSAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-09-28 12:51:52.779
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\UHSAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-09-28 12:51:20.165
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\UHSAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-09-28 12:50:34.753
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\UHSAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-09-28 12:50:34.704
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\UHSAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-09-28 12:50:34.666
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\UHSAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-09-28 12:49:13.287
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\UHSAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-09-28 12:48:24.416
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\UHSAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-09-28 12:48:21.037
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\UHSAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-09-28 12:47:58.239
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\UHSAPO64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Percentage of memory in use: 71%
Total physical RAM: 4029.62 MB
Available physical RAM: 1158.59 MB
Total Pagefile: 8057.41 MB
Available Pagefile: 5173.18 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:167.58 GB) (Free:12.19 GB) NTFS
Drive d: (Data disk) (Fixed) (Total:1863.01 GB) (Free:716.87 GB) NTFS
Drive e: (Sims3EP10) (CDROM) (Total:4.37 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 167.7 GB) (Disk ID: 34838E54)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=167.6 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 0879521D)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End Of Log ============================

[vyosek]

Odinstalujte Spy Emergency

Zmensete velikost plochy, aby byla max 300 MB. Soubory\slozky presunte nekam na disk a na plose si nechte jen zastupce

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2011-09-16] (LogMeIn, Inc.)
  HKLM-x32\...\Run: [] => [X]
  HKU\S-1-5-21-1528716315-3860698994-2152196103-1000\...\Run: [SpyEmergency] => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe [3231032 2013-10-03] (NETGATE Technologies s.r.o.)
  HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\...\RunOnce: [ProdReg] => C:\Program Files (x86)\Creative\Product Registration\ProdReg.exe [1690112 2014-02-24] (Creative Technology Ltd)
  HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\...\RunOnce: [CTPostBootSequencer] => "C:\Users\MATOUS~1\AppData\Local\Temp\CTPBSeq.exe" /reglaunch /self_destruct <===== ATTENTION
  
  HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
  HKU\S-1-5-21-1528716315-3860698994-2152196103-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
  HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
  HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
  HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
  HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
  HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
  HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
  HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
  HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
  HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
  HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
  HKU\S-1-5-21-1528716315-3860698994-2152196103-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
  HKU\S-1-5-21-1528716315-3860698994-2152196103-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
  HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
  HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
  HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID= ... 12454&OSP=
  SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
  SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
  BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
  Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
  Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
  Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
  
  FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
  FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
  FF Extension: No Name - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\faststartff@gmail.com [Not Found]
  FF Extension: No Name - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com [Not Found]
  FF Extension: No Name - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com [Not Found]
  FF Extension: No Name - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\sepherdwilbur@aol.com [Not Found]
  
  CHR Extension: (Skype Click to Call) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-06-10]
  CHR Extension: (Skype Click to Call) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-01-19]
  CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
  
  R2 SpyEmrgSrv; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe [3284008 2013-03-11] (NETGATE Technologies s.r.o.)
  S2 0c632643; "C:\Windows\system32\rundll32.exe" "c:\progra~3\intere~1\InterenetOptimizerSvc.dll",service
  S2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [X]
  S2 Hamachi2Svc; "D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s [X]
  S4 LMIRfsClientNP; No ImagePath
  R1 SpyEmrg; C:\Windows\System32\Drivers\spyemrg.sys [17240 2011-04-21] (NETGATE Technologies s.r.o.)
  S3 SpyEmrgAccess; C:\Windows\System32\Drivers\spyemrg_access.sys [24408 2011-04-21] (NETGATE Technologies s.r.o.)
  R3 SpyEmrgGuard; C:\Windows\System32\Drivers\spyemrg_guard.sys [18776 2011-04-21] (NETGATE Technologies s.r.o.)
  S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
  
  C:\Program Files\NETGATE\Spy Emergency
  c:\progra~3\intere~1
  2015-02-15 14:54 - 2015-02-15 14:54 - 06103040 _____ () C:\Program Files (x86)\GUT8F06.tmp
  2015-02-15 14:54 - 2015-02-15 14:54 - 00000000 ____D () C:\Program Files (x86)\GUM8F05.tmp
  2015-02-15 14:49 - 2015-02-15 14:09 - 00024064 _____ () C:\Windows\zoek-delete.exe
  2015-02-15 14:46 - 2015-02-15 14:46 - 00000020 _____ () C:\Users\Matouskovi\AppData\Roaming\appdataFr3.bin
  2015-02-15 14:35 - 2015-02-15 14:54 - 00026129 _____ () C:\Users\Matouskovi\Desktop\FRST.txt
  2015-02-15 14:32 - 2015-02-15 14:32 - 00112640 _____ (forum.viry.cz) C:\Users\Matouskovi\Downloads\Nepotvrzeno 206061.crdownload
  2015-02-15 14:32 - 2015-02-15 14:32 - 00112640 _____ (forum.viry.cz) C:\Users\Matouskovi\Downloads\Nepotvrzeno 149854.crdownload
  2015-02-15 14:32 - 2015-02-15 14:32 - 00112640 _____ (forum.viry.cz) C:\Users\Matouskovi\Downloads\FRSTLauncher (2).exe
  2015-02-15 14:32 - 2015-02-15 14:32 - 00112640 _____ (forum.viry.cz) C:\Users\Matouskovi\Desktop\FRSTLauncher (2).exe
  2015-02-15 14:13 - 2015-02-15 14:07 - 00001333 _____ () C:\zoek-results2015-02-15-130727.log
  2015-02-15 14:07 - 2015-02-15 13:28 - 00001806 _____ () C:\zoek-results2015-02-15-122826.log
  2015-02-15 13:27 - 2014-06-10 15:12 - 00011186 _____ () C:\zoek-results2014-06-10-141202.log
  2015-02-15 13:24 - 2015-02-15 14:47 - 00000000 ____D () C:\zoek_backup
  2015-02-15 13:23 - 2015-02-15 13:23 - 01304576 _____ () C:\Users\Matouskovi\Downloads\zoek.exe
  2015-02-15 13:23 - 2015-02-15 13:23 - 01304576 _____ () C:\Users\Matouskovi\Desktop\zoek.exe
  2015-02-15 13:16 - 2015-02-15 13:19 - 00000000 ____D () C:\AdwCleaner
  2015-02-15 13:14 - 2015-02-15 13:14 - 02112512 _____ () C:\Users\Matouskovi\Desktop\adwcleaner_4.110.exe
  2015-02-15 13:13 - 2015-02-15 13:14 - 02112512 _____ () C:\Users\Matouskovi\Downloads\adwcleaner_4.110.exe
  2015-02-15 13:12 - 2015-02-15 13:13 - 00225167 _____ () C:\Users\Matouskovi\Downloads\avgremover.log
  2015-02-15 13:12 - 2015-02-15 13:12 - 03681088 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Matouskovi\Downloads\avg_remover_stf_x64_2015_5501.exe
  2015-02-15 12:55 - 2015-02-15 12:55 - 00000000 ____D () C:\rsit
  2015-02-15 12:55 - 2015-02-15 12:55 - 00000000 ____D () C:\Program Files\trend micro
  2015-02-15 12:54 - 2015-02-15 12:54 - 01222144 _____ () C:\Users\Matouskovi\Downloads\RSITx64.exe
  2015-01-22 17:47 - 2015-01-08 19:40 - 00000000 ____D () C:\Users\Matouskovi\AppData\Roaming\Spy Emergency
  C:\Windows\system32\msvdbuf.vbe
  
  Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  
  DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync
  DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msvdbufSrv
  DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru
  DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess
  DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
  DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
  DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
  
  Hosts:
  EmptyTemp:
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt